GitLab

Currently we provide support for establishing connections with SRP authentication. Unfortunately the SRP protocol in TLS has not been updated for very long time and it is hard-coded to utilize SHA1. Given that SHA1 is considered to be a broken algorithm, keeping SRP is a liability. We should consider dropping SRP if there is no updated draft of it.