Comment 6 for bug 1841936
Revision history for this message
| Christian Ehrhardt (paelzer) wrote Re: Rebuild haproxy with openssl 1.1.1 will change features (bionic) | #6 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
I talked with Alex of the security Team.
Here the TL;DR summary:
- security would prefer and be +1 on enabling TLSv1.3 in haproxy in Bionic
- Server team is ok as well, while it is a feature addition it seems not to take away any
- thereby it would fall under the third section of [1] "add features without affecting existing
features"
- In case the SRU Team "nacks" this upload then instead we should prepare and upload a change to
"avoid to enable TLSv1.3 by accident"
I checked later releases, >=Disco are already built with the new version so no other than Bionic would need to be changed.
[1]: https:/