Cool VL Viewer forum

View unanswered posts | View active topics It is currently 2019-02-20 17:38:23

Reply to topic  [ 3 posts ] 
TLS 1.2 ? 
Author Message

Joined: 2010-08-21 12:30:36
Posts: 89
Reply with quote
Does the Cool VL Viewer include this TLS 1.2 thing that LL says will be needed for transactions ?

2016-03-20 04:17:18

Joined: 2009-03-17 18:42:51
Posts: 3920
Reply with quote
The Cool VL Viewer is using LL's latest sources for the precompiled OpenSSL and libcurl libraries. It also got the CURLOPT_SSL_VERIFYPEER and CURLOPT_SSL_VERIFYHOST support for XMLRPC transactions (just make sure that the NoVerifySSLCert debug variable is set to FALSE, which is the default value).

I'm not sure what exactly LL's TLS v1.2 ruckus is all about (and can't know if things will break till they will actually implement the server changes), but I'm not too worried about an incompatibility issue; my guess is that they want to warn about some old TPV releases that implemented "fixes" (more like kludges, disabling TLS v1.2) for early TLS issues or were using old OpenSSL and libcurl libraries without TLS v1.2 support.

2016-03-20 07:54:56
Profile WWW

Joined: 2011-10-07 10:39:20
Posts: 79
Reply with quote
Maybe they just noticed that TLS 1.0 is considered somewhat broken by todays standard. (e.g. openssl 0.98 doesn't provide a single cipher suit that is considered safe for TLS 1.0 anymore).

This might be triggered by a move by PCI-DSS (the council setting standards for credit card stuff), which demands it: ... -early-tls

2016-04-17 14:49:10
Display posts from previous:  Sort by  
Reply to topic   [ 3 posts ] 

Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group
Designed by ST Software.