NTS dropping TLS 1.2
Eric S. Raymond
esr at thyrsus.com
Mon Mar 23 10:43:16 UTC 2020
Hal Murray <hmurray at megapathdsl.net>:
> We can do several things:
> 1) clean out the ifdefs that make things work with older versions of OpenSSL.
> That is drop support for systems that haven't upgraded their OpenSSL to a
> supported version.
> 2) leave things alone, ignore the RFC.
> Or maybe add some nasty warning messages
> How long?
> 3) make a configure option to disable NTS so that NTPsec builds on older
> OSes but doesn't support NTS.
>
> I propose option 1. Simple and clean. I don't think we will drop many
> systems.
I concur.
--
<a href="http://www.catb.org/~esr/">Eric S. Raymond</a>
More information about the devel
mailing list