On Mon, 21 Apr 2014, Elan Ruusamäe wrote: > https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite > > should we update our apache (and other browser) ciphers list based on that?
Our current ciphers list is: ALL:!ADH:!EXP:!LOW:!SSLv2:RC4+RSA:+HIGH:+MEDIUM instead of putting there random list of ciphers we can achieve the same effect just by disabling the weak ones, like this: ALL:!ADH:!EXPORT!LOW:!SSLv2:!DES:!3DES:!aNULL:!eNULL:!MD5:!PSK:!SEED:+HIGH:+MEDIUM Looks better IMO. -- Jan Rękorajski | PLD/Linux SysAdm | http://www.pld-linux.org/ baggins<at>mimuw.edu.pl baggins<at>pld-linux.org _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
