Timeline for rsyslog with TLS
Current License: CC BY-SA 4.0
8 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| May 22, 2018 at 3:28 | comment | added | dave_thompson_085 |
This is nonsense. There is no security reason to drop TLS1.1 and no real reason to drop 1.0 (only BEAST, which proved toothless and is mitigated clientside), although recent OpenSSL releases (at least upstream) do disable SSL3 because POODLE. ciphers -v lists only the lowest protocol version for each ciphersuite, and all suites in 1.0 and 1.1 were also in SSL3 before it was dropped, see stackoverflow.com/questions/27430158 And I don't have RHEL but yes rpmfind shows CentOS (7 and 6) rsyslog using gnutls.
|
|
| May 21, 2018 at 9:22 | comment | added | Jakuje | +1 for the security reasons. I would be surprised if it would be allowed in either crypto library inn RHEL7. But talking about openssl, even through it is not used at all in the cycle is a bit off. | |
| May 20, 2018 at 16:46 | comment | added | Raza | @RuiFRibeiro I still need to know where to disable TLS 1.2 if using older version of OS, Is that manage at compile time of the rsyslog | |
| May 20, 2018 at 15:09 | comment | added | Rui F Ribeiro | @Jakuje could be, will double check it out later on | |
| May 20, 2018 at 14:48 | comment | added | Jakuje | Isn't rsyslog using GnuTLS as a crypto library? | |
| May 20, 2018 at 14:43 | history | edited | Rui F Ribeiro | CC BY-SA 4.0 |
added 4 characters in body
|
| May 20, 2018 at 8:18 | history | edited | Rui F Ribeiro | CC BY-SA 4.0 |
added 21 characters in body
|
| May 20, 2018 at 8:05 | history | answered | Rui F Ribeiro | CC BY-SA 4.0 |