Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

outdated docs default tls version #702

Open
git-girl opened this issue Apr 24, 2024 · 0 comments
Open

outdated docs default tls version #702

git-girl opened this issue Apr 24, 2024 · 0 comments
Labels
bug Something isn't working.

Comments

@git-girl
Copy link

heyjo :3

i think the docs are outdated on the minimum tls version.
honestly i am not comfy reading go and don't know enough about mail.
i was email rfc's and in 8997 it says that the minimum TLS version used by an MSP should be 1.2 or greater.
in the docs it says that maddy uses tls 1.0 as its minimum version.
when running maddy without any tls options with curl and setting the tls protocol via --tls-max i get anything below 1.2 rejected.
i think the way i got the code is that in the default case the tls.Config.MinVersion and tls.Config.MaxVersion are set to O. honestly i didn't bother to spend more time reading the go lib for crypto much beyond their comment that the default tls version is 1.2 and found this PR from a year back saying that they bumped it.
the docs weren't updated since then (tls.md at least).
that's why i guess everything is fine, it's just that the docs are outdated.

best regards
@git-girl git-girl added the bug Something isn't working. label Apr 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@git-girl