HomePhabricator

mailman: SSL settings to Apache 2.4 and "mid"

Authored by Dzahn.

Description

mailman: SSL settings to Apache 2.4 and "mid"

Changes the SSL settings for lists/mailman to Apache 2.4
and the "mid" option for the ciphers list, when on jessie or greater.

<snip>

  • mid: Supports TLSv1.0 and higher, and adds several forward-secret options which are not AEAD. This is compatible with many more clients than "strong". With a DHE-capable server, should only be incompatible with IE8/XP, ancient/un-updated Java6, and some small corner cases like Nokia feature phones. With a non-DHE server, compatibility is also lost with Android 2.x, OpenSSL 0.9.8, and more Java6 clients.
  • compat: Supports most legacy clients, PFS optional but preferred.

</snip>

Can only be merged after lists is off of sodium and on fermium.

Bug:T90351
Change-Id: Ibe761a194fe0ba32f2a3f46a217b1e5e60ae1a81

Details

Committed
DzahnAug 26 2015, 5:53 PM
Parents
rOPUPe06b3a5e38e0: Move labvirt1005 to Juno
Branches
Unknown
Tags
Unknown
ChangeId
Ibe761a194fe0ba32f2a3f46a217b1e5e60ae1a81