mirror of
https://github.com/zulip/zulip.git
synced 2025-11-02 04:53:36 +00:00
c97ca677c9
Disable TLS 1.0 and TLS 1.1. (We no longer need to support IE8 on Windows XP.) Prefer client-selected cipher order. (Now that all enabled ciphers provide good security, this allows mobile clients lacking AES hardware acceleration to pick ChaCha20 for better performance.) Disable session tickets. (Mozilla discourages them based on https://www.imperialviolet.org/2013/06/27/botchingpfs.html.) Signed-off-by: Anders Kaseorg <anders@zulipchat.com>