Thus said Ken Hornstein on Wed, 31 May 2017 10:19:37 -0400:
I am kind of torn about this. The stuff I have been seeing is that
most everybody should be moving to TLS 1.1 or greater, and I thought
all of the servers out there had supported this a long time ago. What
do others think?
Is it possible for the client (nmh) to control which ciphers it will
negotiate with the server? I think it makes sense to leave TLS 1.0 in
there as long as the client has control over which ciphers it uses. Are
there no decent ciphers in TLS 1.0? nmh could default to a sensible list
of them and exclude TLS 1.0 if it thinks that is useful but then make it
possible for the user to tailor the list to suit their needs.
Thanks,
Andy
--
TAI64 timestamp: 40000000592ed728
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers