enterprise-support team mailing list archive

Thread
Date

[Bug 1845263] [NEW] [wishlist] Add TLSv1.3 support to apache2 on Bionic

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Simon Déziel <1845263@xxxxxxxxxxxxxxxxxx>
Date: Tue, 24 Sep 2019 21:14:32 -0000
Reply-to: Bug 1845263 <1845263@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

Since LP: #1797386, openssl with TLS 1.3 support is available on Bionic.
This had the nice side effect of enabling TLS 1.3 for various services
(nginx, postfix, dovecot, etc) but not apache2.

TLS 1.3 support is required to use the "modern compatibility"
configuration recommended by Mozilla [1]. Since Bionic is an LTS release
and apache2 is popular and in main, it would be nice to have support for
TLS 1.3.

According to [2], support for TLS 1.3 was added in version 2.4.36 while
Bionic ships 2.4.29. Disco ships with 2.4.38 so should be OK.


1: https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility
2: https://ssl-config.mozilla.org/#server=apache&server-version=2.4.39&config=modern&openssl-version=1.1.1

** Affects: apache2 (Ubuntu)
     Importance: Undecided
         Status: Confirmed


** Tags: bionic wishlist

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1845263

Title:
  [wishlist] Add TLSv1.3 support to apache2 on Bionic

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1845263/+subscriptions

Follow ups

[Bug 1845263] Re: [wishlist] Add TLSv1.3 support to apache2 on Bionic
From: Launchpad Bug Tracker, 2020-03-02
[Bug 1845263] Re: [wishlist] Add TLSv1.3 support to apache2 on Bionic
From: Christian Ehrhardt , 2019-09-25