Remove support for tls_allowed_dn_list

[PATCH 2/2] news: Add information about removing tls_allowed_dn_list

Posted by Martin Kletzander 4 years, 3 months ago

Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
---
 NEWS.rst | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/NEWS.rst b/NEWS.rst
index 983153a63123..32bd0a43330e 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -15,6 +15,12 @@ v7.10.0 (unreleased)
 
 * **Removed features**
 
+  * tls: Removed support for ``tls_allowed_dn_list``
+
+    This configuration knob was deemed not only non-reliable, but also unsafe
+    due to the fact that its ability to forbid a remote connection could
+    misbehave if configured improperly, which was not always intuitive.
+
 * **New features**
 
 * **Improvements**
-- 
2.33.1

Re: [PATCH 2/2] news: Add information about removing tls_allowed_dn_list

Posted by Ján Tomko 4 years, 3 months ago

On a Tuesday in 2021, Martin Kletzander wrote:
>Signed-off-by: Martin Kletzander <mkletzan@redhat.com>
>---
> NEWS.rst | 6 ++++++
> 1 file changed, 6 insertions(+)
>

Reviewed-by: Ján Tomko <jtomko@redhat.com>

Jano

[PATCH 1/2] tls: Drop support for tls_allowed_dn_list
[PATCH 2/2] news: Add information about removing tls_allowed_dn_list