[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wget core dump on ubuntu 22.04
|
From: |
address@hidden |
|
Subject: |
Re: wget core dump on ubuntu 22.04 |
|
Date: |
Sun, 19 Mar 2023 19:10:08 +0200 (SAST) |
Even TLS 1.2 is not quite "current" - it dates back to 2008, TLS 1.3 was
published in 2018.
Quoting wikipedia:
Website protocol support (as per May 2022)
Protocol
version Website
support[87] Security
SSL 2.0 0.3% Insecure
SSL 3.0 2.5% Insecure
TLS 1.0 37.1% Deprecated
TLS 1.1 40.6% Deprecated
TLS 1.2 99.7% Depends on cipher and client mitigations
TLS 1.3 54.2% Secure
I suppose the main reason why TLS 1.2 is not deprecated yet is that the support
for TLS 1.3 in the field is not quite everywhere yet.
But anything called SSL is akin to no security at all. (There may still be
valid excuses for supporting it, especially if you don't really need the
connection to be secure and the effort for reconfiguration seems too high.)
Gerd
----- Original Message -----
From: "Jeffrey Walton" <noloader@gmail.com>
To: "Art Mellor" <art@skelmir.com>
Cc: "bug-wget" <bug-wget@gnu.org>
Sent: Sunday, March 19, 2023 6:38:17 PM
Subject: Re: wget core dump on ubuntu 22.04
On Tue, Feb 28, 2023 at 7:08 PM Art Mellor <art@skelmir.com> wrote:
>
> *% wget -v --tries=1 --secure-protocol=SSLv3 -T 3 --no-check-certificate
> https://localhost:1234 <https://localhost:1234>*
> --2023-02-28 12:15:09-- https://localhost:1234/
> OpenSSL: unimplemented 'secure-protocol' option value 2
> Please report this issue to bug-wget@gnu.org
> Aborted
Off topic, I would be interested in learning your use case for SSLv3.
Nowadays, it is usually TLS 1.2 and above. I even see TLS 1.0 and
above on occasion.
But not SSLv2 or SSLv3. SSLv2 died about 25 years ago, and SSLv3 died
about 10 years ago.
Jeff