Mercurial > prosody-modules
view mod_warn_legacy_tls/README.markdown @ 5243:d5dc8edb2695
mod_http_oauth2: Use more compact IDs
UUIDs are nice but so verbose!
The reduction in entropy for the nonce should be fine since the
timestamp is also counts towards this, and it changes every second
(modulo clock shenanigans), so the chances of someone managing to get
the same client_secret by registering with the same information at the
same time as another entity should be negligible.
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sat, 11 Mar 2023 22:46:27 +0100 |
parents | 5073bbd86970 |
children |
line wrap: on
line source
TLS 1.0 and TLS 1.1 are about to be obsolete. This module warns clients if they are using those versions, to prepare for disabling them. # Configuration ``` {.lua} modules_enabled = { -- other modules etc "warn_legacy_tls"; } -- This is the default, you can leave it out if you don't wish to -- customise or translate the message sent. -- '%s' will be replaced with the TLS version in use. legacy_tls_warning = [[ Your connection is encrypted using the %s protocol, which has been demonstrated to be insecure and will be disabled soon. Please upgrade your client. ]] ``` ## Options `legacy_tls_warning` : A string. The text of the message sent to clients that use outdated TLS versions. Default as in the above example. `legacy_tls_versions` : Set of TLS versions, defaults to `{ "SSLv3", "TLSv1", "TLSv1.1" }`{.lua}, i.e. TLS \< 1.2.