[nsd-users] NSD 4.13.0rc1 pre-release
A.Schulze
sca at andreasschulze.de
Tue Aug 26 16:02:21 UTC 2025
Am 26.08.25 um 14:45 schrieb Jannik Peters via nsd-users:
> NSD 4.13.0 pre-release is available:
Hello,
the new version build without any compile-time warnings and run in my lab environment now.
I scanned an instance (DoT enabled) with https://github.com/drwetter/testssl.sh
some interesting points from that report:
1. ALPN/HTTP2 h2, spdy/3.1, http/1.1, grpc-exp, h2-fb, spdy/1, spdy/2, spdy/3, stun.turn, stun.nat-discovery, webrtc, c-webrtc, ftp (offered)
I think, this is unneeded as DoT has nothing to do with HTTPS, it's simply TLS
2. Finite field group: ffdhe2048 ffdhe3072
Most modern TLS stacks support Key-Exchange with Elliptic curves which are much faster and cheaper.
Postfix, for example, offer an option to disable FFDHE at all: https://www.postfix.org/postconf.5.html#tls_ffdhe_auto_groups
Andreas
More information about the nsd-users
mailing list