[Asterisk-code-review] sip.conf: tlsclientmethod is using sslv23 as default. (asterisk[11])
George Joseph
asteriskteam at digium.com
Thu Aug 18 16:14:30 CDT 2016
George Joseph has posted comments on this change.
Change subject: sip.conf: tlsclientmethod is using sslv23 as default.
......................................................................
Patch Set 1:
> That is difficult because this actually depends on the underlying
> OpenSSL version. For example, OpenSSL 0.9.8 does not have TLSv1.2.
> A distribution might have backported features of newer methods,
> disabled methods themselves, and so on. In some years, sslv23 means
> TLSv1.3.
>
> Any idea what I should write and is going to be correct for years?
> Or should we give more information, like what is mentioned in the
> commit message here or the one of ASTERISK-24425?
How about something like: "sslv23 generally means use the most secure methods available. Check the documentation for your openssl version for more information."
--
To view, visit https://gerrit.asterisk.org/3638
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: comment
Gerrit-Change-Id: I502ce6146b4504cadfd3973af8d6ec3994f54fa3
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 11
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-HasComments: No
More information about the asterisk-code-review
mailing list