Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #10924 Update default configuration TLS cipher suites (early 2018 edition)
    Actions
    Infos
    #10924
    Thomas Gerbet (tgerbet)
    2018-03-15 09:50
    2017-12-13 17:39
    11259
    Details
    Update default configuration TLS cipher suites (early 2018 edition)
    In the beginning of this year the default configurations provided by Tuleap regarding TLS have been updated to match quite recent recommendation (see request #9903).


    Since we do not really care about users relying on IE8 and Windows XP to access Tuleap, I'm going to propose contributions to move to the modern level of Mozilla's recommendations [1]. Minimal browsers level will become Firefox 27, Chrome 30, IE 11 on Windows 7 or Edge. This is still far better than what Tuleap officially supports so it should not be an issue.


    [1] https://wiki.mozilla.org/Security/Server_Side_TLS
    Other
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Empty
    Closed
    2018-01-16
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #10877 Tuleap Releases 9.17 Delivered 2018-01-31 14:03 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #10924

    Artifact Tracker v5

    request #14126 Update default TLS configurations

    Git commit

    tuleap/tuleap/stable

    Merge commit 'refs/changes/57/10157/2' of ssh://gerrit.tuleap.net:29418/tuleap 23e0867c0d
    User avatar Manuel Vacelet (vaceletm) , 2018-01-16 11:28
    request #10924: Update default configuration TLS cipher suites (early 2018 edition) aecb4bca12
    User avatar Thomas Gerbet (tgerbet) , 2018-01-15 17:33
    Display settings

    Follow-ups

    User avatar
    Thomas Cottier (tcottier)2018-03-15 09:50
    For eventual other impacted users: SVN integration in Visual Studio 2010 does not work due to this conf, I had to switch back to the intermediate level of Mozilla's recommendations.
    User avatar
    Manuel Vacelet (vaceletm)2018-01-16 11:26

    Integrated in 9.16.99.63

    • Status changed from Under review to Closed
    • Connected artifacts
    • Close date set to 2018-01-16
    User avatar
    Thomas Gerbet (tgerbet)2018-01-15 17:32
    A patch is under review: gerrit #10157.
    • Summary
      -Update default configuration TLS cipher suites (end of 2017 edition) 
      +Update default configuration TLS cipher suites (early 2018 edition) 
    • Status changed from Verified to Under review