Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Update Synapse's ciphers & restrict serving to TLS1.2+ #5529

Closed
hawkowl opened this issue Jun 23, 2019 · 1 comment
Closed

Update Synapse's ciphers & restrict serving to TLS1.2+ #5529

hawkowl opened this issue Jun 23, 2019 · 1 comment
Assignees
@hawkowl
Labels
z-p2 (Deprecated Label)

Comments

@hawkowl
Copy link
Contributor

hawkowl commented Jun 23, 2019

We currently allow AES128-CCM, which isn't a great cipher and isn't in Mozilla's modern suite.

We should also get rid of TLS 1.0 and 1.1, since we require ciphers that basically require a TLS 1.2 compatible TLS stack to talk to.
@hawkowl hawkowl self-assigned this Jun 23, 2019
@hawkowl hawkowl mentioned this issue Jun 25, 2019
Merged
@neilisfragile neilisfragile added maintenance z-p2 (Deprecated Label) labels Jun 27, 2019
@richvdh
Copy link
Member

richvdh commented Jul 4, 2019

fixed by 5550

@richvdh richvdh closed this as completed Jul 4, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@hawkowl hawkowl

Labels
z-p2 (Deprecated Label)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@neilisfragile @richvdh @hawkowl