Gary E. Miller via devel <[email protected]>: > > Can we toss out these cipher config options in favor of a mechanism > > that *discovers* what the available cipher are and does the right > > thing? > > No. Required for testing. Required for crypto emergencies. The > history of Apache, nginx, postfix and sendmail show these options > have been essential over the years.
Then we (a) do cipher discovery, and (b) have a server-wide option to force
the cipher for testing. You can add it to nts.adoc.
And that will be the end of *this* discussion.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
