>>>>> "KR" == Kurt Roeckx <k...@roeckx.be> writes:
KR> On Mon, Sep 11, 2017 at 11:33:22AM +0200, Raphaël Hertzog wrote: >> Or at least I would like a system-wide flag (in a configuration file?) to >> let me re-enable old protocols easily. KR> It was my understanding that other people also prefered to do this KR> on a per package level and not system wide. But the other way round. Openssl should by default support >= 1.0, and the individual packages should be the ones to limit it to 1.2 or later. That limit should be run-time and the config files which do it should have comments explaining exactly how to undo it. And packages like MTAs and web servers should have those configs commented out so that they work by default with 1.0+. -JimC -- James Cloos <cl...@jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
