Re: Improved TLS Defaults

From:	Daniel Lowrey	Date:	Sat, 01 Feb 2014 17:47:31 +0000
Subject:	Re: Improved TLS Defaults
References:	1 2 3 4 5 6 7	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

> I finished the implementation patch with tests today and will
> update the RFC either this evening or tomorrow with a fully mature
proposal

Greetings, internals.

As promised, the mature proposal for Improved TLS Defaults is now live:

https://wiki.php.net/rfc/improved-tls-defaults

If you're short on time I've added a TL;DR section:

https://wiki.php.net/rfc/improved-tls-defaults#tldr_definitive_progress

There are a number of improvements and changes from the previous iterations
as well as code examples. So, even if you've read earlier versions of the
RFC I would encourage you to take a few minutes to read this (final?)
version.

The full patch with tests is now available and can be dropped directly into
the current 5.6 branch:

https://wiki.php.net/rfc/improved-tls-defaults#patches_and_tests

Thanks for your time and feedback. A vote is planned for Feb. 11, so please
pose any questions or suggestions you may have in the coming days to avoid
any hiccups during the actual voting process.


   

Thread (19 messages)

• Daniel LowreyWed, 29 Jan 2014 16:01:15 +0000
  • Pádraic BradyWed, 29 Jan 2014 16:23:51 +0000
• Daniel LowreyWed, 29 Jan 2014 19:10:05 +0000Re: Improved TLS Defaults
  • Yasuo OhgakiWed, 29 Jan 2014 19:46:08 +0000Re: Re: Improved TLS Defaults
    • Daniel LowreyWed, 29 Jan 2014 19:54:27 +0000
  • Pádraic BradyThu, 30 Jan 2014 00:16:32 +0000Re: Re: Improved TLS Defaults
    • Daniel LowreyThu, 30 Jan 2014 03:15:09 +0000
      • Rouven WeßlingThu, 30 Jan 2014 17:11:54 +0000
        • Daniel LowreyThu, 30 Jan 2014 17:17:23 +0000
          • Yasuo OhgakiFri, 31 Jan 2014 21:47:50 +0000
            • Daniel LowreyFri, 31 Jan 2014 22:08:26 +0000
              • Daniel LowreySat, 01 Feb 2014 17:47:31 +0000
                • Pádraic BradySun, 02 Feb 2014 00:27:55 +0000
                  • Daniel LowreySun, 02 Feb 2014 17:37:54 +0000
• Rouven WeßlingThu, 30 Jan 2014 17:11:54 +0000Re: Improved TLS Defaults
  • Daniel LowreyThu, 30 Jan 2014 17:17:23 +0000
    • Yasuo OhgakiFri, 31 Jan 2014 21:47:50 +0000
      • Daniel LowreyFri, 31 Jan 2014 22:08:26 +0000
        • Daniel LowreySat, 01 Feb 2014 17:47:31 +0000
          • Pádraic BradySun, 02 Feb 2014 00:27:55 +0000
            • Daniel LowreySun, 02 Feb 2014 17:37:54 +0000
• Daniel LowreySun, 02 Feb 2014 17:43:04 +0000Re: Improved TLS Defaults
  • Pádraic BradySun, 02 Feb 2014 19:38:13 +0000Re: Re: Improved TLS Defaults
    • Yasuo OhgakiMon, 03 Feb 2014 01:58:33 +0000
      • Daniel LowreyMon, 03 Feb 2014 20:09:16 +0000
• Daniel LowreyFri, 07 Feb 2014 02:50:35 +0000Re: Improved TLS Defaults