summaryrefslogtreecommitdiff
path: root/etc/mailer.conf
diff options
context:
space:
mode:
authorTheo Buehler <tb@cvs.openbsd.org>2024-04-04 08:02:22 +0000
committerTheo Buehler <tb@cvs.openbsd.org>2024-04-04 08:02:22 +0000
commit552e73412b26608ad2fe9dba62577b6db34708c9 (patch)
tree2202b93fe086fb545e263af7405516846d421897 /etc/mailer.conf
parent62c85569363991b237bf54cd916d123479f8496f (diff)
Recommit a better version of the removal of the F5 workaround
Unlike for previous TLS versions, TLSv1.3 servers can send the supported groups extension to inform a client of the server's preferences. The intention is that a client can adapt for subsequent commits. We ignore this info for now, but sthen ran into java-based servers that do this. Thus, rejecting the extension outright was incorrect. Instead, only allow the extension in TLSv1.3 encrypted extensions. This way the F5 workaround is also disabled, but we continue to interoperate with TLSv1.3 servers that do follow the last paragraph of RFC 8446, section 4.2.7. This mostly adjusts outdated/misleading comments. ok jsing sthen
Diffstat (limited to 'etc/mailer.conf')
0 files changed, 0 insertions, 0 deletions