Closed bnevis-i closed 2 years ago
@bnevis-i makes sense. I don't think we need to make it configurable, just always request v1.3. PTAL #781
@marquiz Do you know when this will be released into a tagged version?
@marquiz Do you know when this will be released into a tagged version?
Not sure yet. We don't have much new content since the last release. Nevertheless, I've been thinking about a more regular and predictable cadence. So let's say perhaps within a month 😊
What would you like to be added: NFD should allow TLSMinVersion to be specified as part of configuration. Would like to further request that the default be TLSv1.3.
Why is this needed: By default, the NFD master node allows TLSv1.0 and TLSv1.1 which can violate organizational policies. testssl.sh report reproduced below (installed from helm with tls enabled using certManager):