On 2/2/19 4:01 PM, Gary E. Miller via devel wrote: > Very common in the Apache, nginc, postfix and sendmail communities. > > For example. you set one virtual server for cell phone clients, using > less strong ciphers, and another for admin clients with the strongest > ciphers. So the cell phones are fast, and the admin is safe.
+1. I do stuff like this in the real world. At $WORK, our publicly facing website has nothing confidential on it and is used by ISP customers who sometimes run truly ancient PCs. (This may be worse than average because we're in a lower-income rural area.) I am subject to PCI DSS auditing on various servers, so they require TLS 1.2. But on the public website, I allow something older (TLS 1.0 still, I think). -- Richard
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
