On 6 September 2013 21:43, Matthias Wimmer <[email protected]> wrote: > Hi Dave, > > El 2013-09-06 21:24:39, Dave Cridland escribió: >> I may be talking rubbish, but shouldn't the server be overriding the >> client's order by default anyway? > > Default is the client's priority list. But as the selection is done by > the server, you can override this. In GnuTLS this is done with > %SERVER_PRECEDENCE. I don't know if OpenSSL has a switch for this as > well.
It does, SSL_OP_CIPHER_SERVER_PREFERENCE: https://www.openssl.org/docs/ssl/SSL_CTX_set_options.html It's not clear to me that there is a strong reason for servers to enable this option, except that clients don't seem particularly competent at choosing for themselves right now... Regards, Matthew _______________________________________________ JDev mailing list Info: http://mail.jabber.org/mailman/listinfo/jdev Unsubscribe: [email protected] _______________________________________________
