| 6 Sep 2024 |
 hexa | E_TOOMANYEMILIES | 17:01:32 |
| hexa | * E_TOOMANYEMILYS | 17:01:42 |
 networkException | M_NOT_ENOUGH_EMILYS | 17:26:36 |
 adamcstephens | merged | 21:26:16 |
| 7 Sep 2024 |
| hexa | https://seclists.org/tcpdump/2024/q3/3 | 03:30:00 |
 Markus Theil | After fixing some build issues of systemd dependencies, the OpenSSL update is now ready for review from my side: https://github.com/NixOS/nixpkgs/pull/339614 | 09:20:38 |
| Markus Theil | OpenSSL increased the default security level from version line to version line: https://docs.openssl.org/1.1.1/man3/SSL_CTX_set_security_level/
With OpenSSL 3.2+ the default is 2. | 09:27:56 |
| Markus Theil | Should we define this to a lower default or should users deal with it? | 09:28:19 |
| Markus Theil | 3.0.x used level 1. | 09:29:53 |
 emily | In reply to @mtheil:scs.ems.host
Should we define this to a lower default or should users deal with it? let's not opt in to worse security, users can deal with it unless it causes mass breakage | 10:44:16 |
| emily | not even mail servers should be using SSL 3.0 or 1024-bit RSA | 10:45:25 |
| emily | (let's move this to the non triage room though?) | 10:46:53 |
|  @vincenttc:matrix.org left the room. | 16:19:37 |
