effectively disabled support for the SSL protocols. SSL remains a
common term describing SSL/TLS, there is some controvery about this
change, and the name really doesn't matter, but I feel confident about
it now.
(btw., sthen@ pointed out some historical context:
http://tim.dierks.org/2014/05/security-standards-and-name-changes-in.html)
OK benno@, with input from tedu@
Treat rtsol in hostname.if as a keyword like dhcp and call ifconfig
inet6 autoconf.
"reads good" todd@
OK krw@ (who is *not* an IPv6 person), but I recruited him in his
capacity as an installer person.
often space-constrained /var filesystem was a historical mistake. There
are big implications for the daemons which assume they won't run out of
space, and this is a first step towards trying to improve the situation.
Move /tmp to the same 7-day expiration rules that /var/tmp had.
vi.recover works just as well as before, except on memory filesystems;
indicating that vi should be repaired to write files into homedirs or
something.
done with rpe
ok many
relevant example snippet in the relayd.conf(5) man page.
Change the default SSL protocols in the example file/man page to
"no tlsv1.0" (suggested by sthen@), which will enable the TLSv1.1
and TLSv1.2 protocols only.
feedback/ok jsing@ reyk@ sthen@
There is one table in the default configuration which is 'aliases' and
the db can be created using newaliases(8).
"go for it" guenther@
ok sthen@ matthieu@ gilles@
with autoconf enabled.
If one is doing SLAAC one does already trust link local icmp6 so the
policy for icmp6 redirects should be the same.
pointed out by & OK bluhm@; OK henning@
it available during a regular install or upgrade so that it doesn't
need to be independently fetched.
Idea, directions and OK deraadt@
Feedback and Ok halex@ and aja@
included in httpd.conf. httpd(8) now supports both mime.types
flavours with or without semicolon at the end of the line (nginx- or
apache-style).
Discussed with many, with input from halex@
OK halex@
miod