<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
So I would ! for all TLS 1.2 strings ? Leaving only the TLS1.3
suites ?<br>
<br>
Maybe a example config line would be good please. Sorry this is more
OpenSSL and off topic a bit.<br>
<br>
<br>
<div class="moz-cite-prefix">On 2/19/2019 5:54 AM, Chris via
Unbound-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:9a2de7a1-cfcb-e149-88c4-68f63d59f0ff@xymox1.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Hmm.. I am unclear..<br>
<br>
Would I disallow all TLS1.2 to allow only TLS1.3 ?<br>
<br>
<div class="moz-cite-prefix">On 2/19/2019 5:15 AM, A. Schulze via
Unbound-users wrote:<br>
</div>
<blockquote type="cite"
cite="mid:20190219131556.Horde.TjsPruBuvJeAv_lK4rd6HLV@andreasschulze.de"><br>
John via Unbound-users: <br>
<br>
<blockquote type="cite">
<blockquote type="cite">tls-ciphers: <string with cipher
list> <br>
</blockquote>
</blockquote>
<br>
assumed unbound is compiled/linked with openssl, then it's the
usual openssl cipher selection 'language' <br>
see "man ciphers" or <a class="moz-txt-link-freetext"
href="https://www.openssl.org/docs/manmaster/man1/ciphers.html"
moz-do-not-send="true">https://www.openssl.org/docs/manmaster/man1/ciphers.html</a>
<br>
<br>
Andreas <br>
<br>
<br>
</blockquote>
-------- Forwarded Message --------
<table class="moz-email-headers-table" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Subject:
</th>
<td>Unbound 1.9 tls-ciphers Settings</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Date: </th>
<td>Tue, 19 Feb 2019 06:37:41 +0100</td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">From: </th>
<td>John via Unbound-users <a class="moz-txt-link-rfc2396E"
href="mailto:unbound-users@nlnetlabs.nl"
moz-do-not-send="true"><unbound-users@nlnetlabs.nl></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">Reply-To:
</th>
<td>John <a class="moz-txt-link-rfc2396E"
href="mailto:unbound@2020.temporarily.de"
moz-do-not-send="true"><unbound@2020.temporarily.de></a></td>
</tr>
<tr>
<th valign="BASELINE" nowrap="nowrap" align="RIGHT">To: </th>
<td><a class="moz-txt-link-abbreviated"
href="mailto:unbound-users@nlnetlabs.nl"
moz-do-not-send="true">unbound-users@nlnetlabs.nl</a></td>
</tr>
</tbody>
</table>
<br>
<br>
Hello Unbound List<br>
<br>
Since this relaease 1.9. is it possible, to make settings for<br>
tls-ciphers<br>
tls-ciphersuites<br>
tls-session-ticket-keys<br>
<br>
Unfortunately nowhere is written which values can be used<br>
In <a class="moz-txt-link-freetext"
href="https://nlnetlabs.nl/documentation/unbound/unbound.conf/"
moz-do-not-send="true">https://nlnetlabs.nl/documentation/unbound/unbound.conf/</a><br>
is only written<br>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">tls-ciphers: <string with cipher list>
</pre>
</blockquote>
<br>
If I wants to set i.e. only TLS 1.3 how have I to write it<br>
tls-ciphers: tls-1.3<br>
or have I to use tls-ciphersuites?<br>
<br>
Maybe someone can tell me about the values which I can use?<br>
<br>
Regards<br>
John<br>
</blockquote>
<br>
</body>
</html>