User story #9502

Updated by Alexis Mousset over 6 years ago

We can add a configuration option, usable when all agents are >= 4.0.0, where: 

 * We only generate key-based ACLs: improved security (and speed in cf-serverd, because we skip the very inefficient hostname comparison), get rid of all the DNS issues
 * @allowlegacyconnects => { }@ to completely block the old protocol
 * Maybe add restrictions on the protocols/ciphers used (allowtlsversion, allowciphers, tls_min_version, tls_ciphers)
 

 This could be the default for new installs.
