Ticket UUID: | 8f244fed8259aaf87ccc544a17e30ad340420f44 | |||
Title: | Add client certificate support to OFTLSStream | |||
Status: | Open | Type: | Feature Request | |
Severity: | Important | Priority: | Low | |
Subsystem: | Resolution: | Open | ||
Last Modified: | 2024-05-22 20:13:27 | |||
Version Found In: | Milestone: | |||
User Comments: | ||||
js added on 2021-11-21 10:00:39:
OFTLSStream currently provides no options. It would be nice to have options to enable/disable certain TLS versions, allow client-side certificates, etc. However, this needs special care as various TLS libraries handle that very differently, so an abstraction needs to be found that works with all of them. js added on 2023-12-29 13:17:01: Actually, letting the user select the allowed TLS protocol versions might be a bad idea, as then every application potentially needs to be updated in case new TLS issues become known. It is probably better to leave the defaults of the TLS implementation. |