Skip to main content
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] trip report from upgrading a machine 
Roger Light via mosquitto-dev <mosquitto-dev@xxxxxxxxxxx> writes:

> There's a big difference between "unencrypted is insecure" and "TLS
> 1.1 is insecure" - there's no expectation for unencrypted to be
> secure.

True, and having it off by default, and even throwing a Big Scary
Warning seems totally fine.  My real point is that I think there are
people that want to enable it because they have some deployed sender.

> I'll see about adding 1.1 support back in, although I would say that
> TLS 1.2 existed before the mosquitto project existed!

Thanks!  I believe you, but to me the question is whether anyone using
mosquitto has clients that only do 1.1, that they can't upgrade.  And
then whether we can comfortably say to them "we don't know anything
about your world and your constraints, security and operational, but
your desire to turn on 1.1 is wrong; you're just going to lose and we
think that's fine".  I know what sounds pointed, but that's how I see
it.

I will try to figure out nodemcu's status more; perhaps it's 1.2 and I'm
confused -- but my config file has a note that says 1.1.

Back to the top