Details
-
Bug
-
Status: Open (View Workflow)
-
Major
-
Resolution: Unresolved
-
None
-
None
-
None
-
None
Description
The feedback plugin site https://mariadb.com/kb/en/feedback-plugin/ still gets a lot of TLS 1.0 and TLS 1.1 traffic, even though those protocols are soon to be deprecated globally.
Are the clients just really old or is MariaDB still shipping TLS 1.0/1.1 in new installations?
We should ensure that at least all new MariaDB installations use TLS 1.2+ for submission of feedback data.
mariadb@mariadb_bd25b5:/data/slog$ tail -n 1 mariadb_*_access.log
|
mariadb.org 189.207.44.170 - - [06/Mar/2020:00:21:11 +0100] "POST /feedback_plugin/post HTTP/1.0" 302 11 "-" "MariaDB User Feedback Plugin" - "Seravo;sid:1f4a77a2419b1e0b9fc40e03e56db445;sslproto:TLSv1.1;" 0.377
|