On 2/2/19 3:08 AM, Achim Gratz via devel wrote: > Changing the OpenSSL ciphersuites is typically done on system-level, > application-level is not unheard of, but I haven't personally seen a > per-server configuration.
I strongly disagree. This is absolutely, 100% commonly done at the application level. I have spent many, many hours doing this on systems I've built myself and on canned appliance-type things like cPanel. Apache is the most common example; there are hundreds of pages explaining this, for reasons over time like: - Addressing the BEAST attack - Addressing flaws in particular algorithms - PCI DSS compliance -- Richard _______________________________________________ devel mailing list [email protected] http://lists.ntpsec.org/mailman/listinfo/devel
