Skip to content

Update TIdSSLIOHandlerSocketOpenSSL to enable TLS 1.1 and 1.2 by default #13

New issue
New issue
Open
Open
Update TIdSSLIOHandlerSocketOpenSSL to enable TLS 1.1 and 1.2 by default#13
Assignees
rlebeau
Labels
Element: SSL/TLSIssues related to SSL/TLS handling, TIdSSLIOHandlerSocketBase and descendantsStatus: In ProgressIssue is being worked onType: MaintenanceIssue is proposing maintenance of existing code
Milestone
IndyTLSOpenSSL 1.0
@rlebeau

Description

@rlebeau
rlebeau
opened on Aug 16, 2017

TIdSSLIOHandlerSocketOpenSSL currently enables only TLS 1.0 by default, but public servers are slowly moving away from TLS 1.0 and now requiring TLS 1.1 and higher, so the SSLOptions.SSLVersions property should be updated to enable TLS 1.1 and 1.2 by default.

FYI, many servers, like Office 365, are even starting to drop support for TLS 1.1 and now require TLS 1.2 or higher only.

Also, read up about the BEAST attack against TLS 1.0.

Metadata

Metadata

Assignees

Labels

Element: SSL/TLSIssues related to SSL/TLS handling, TIdSSLIOHandlerSocketBase and descendantsStatus: In ProgressIssue is being worked onType: MaintenanceIssue is proposing maintenance of existing code

Type

No type

Projects

Indy 10.7

Status

In review

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions