You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In dnsdist, we can specify the TLS Ciphers to use when negotiating DoT/DoH connections. We should have a parameter to specify the TLS version as well
Usecase
Some environments have strict security requirements, and the accepted TLS version is often one of those. There might be other reasons as well (library bugs that only manifest themselves in a certain version, a protocol fault that can be mitigated using a more recent TLS version ...
Description
We can already specify the ciphers to use, as an option. It would be good to be able to specify the TLS version as well. Most other TLS-capable software (nginx, apache, mysql, ...) allow you to specify the TLS version and most (all?) current TLS libraries support setting the version.
The text was updated successfully, but these errors were encountered:
Short description
In dnsdist, we can specify the TLS Ciphers to use when negotiating DoT/DoH connections. We should have a parameter to specify the TLS version as well
Usecase
Some environments have strict security requirements, and the accepted TLS version is often one of those. There might be other reasons as well (library bugs that only manifest themselves in a certain version, a protocol fault that can be mitigated using a more recent TLS version ...
Description
We can already specify the ciphers to use, as an option. It would be good to be able to specify the TLS version as well. Most other TLS-capable software (nginx, apache, mysql, ...) allow you to specify the TLS version and most (all?) current TLS libraries support setting the version.
The text was updated successfully, but these errors were encountered: