Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 7:28 PM, William A Rowe Jr wrote: > > Was hoping for md4 vs. aes128 comparisons, (and AES-NI isn't everywhere, > but will be, soon enough). On my box with AES-NI disabled: $ openssl speed aes-128-cbc Doing aes-128 cbc for 3s on 16 size blocks: 14536333 aes-128 cbc's in 3.00

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 12:35 PM, Eric Covener wrote: > On Tue, May 5, 2015 at 1:28 PM, William A Rowe Jr > wrote: > > Was hoping for md4 vs. aes128 comparisons, (and AES-NI isn't everywhere, > > but will be, soon enough). > > > > While I agree md4 is less desirable, if we were going to make a >

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 1:28 PM, William A Rowe Jr wrote: > Was hoping for md4 vs. aes128 comparisons, (and AES-NI isn't everywhere, > but will be, soon enough). > > While I agree md4 is less desirable, if we were going to make a > recommendation, > I'd go with favoring aes128 over md4 but retain m

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 12:06 PM, Yann Ylavic wrote: > On Tue, May 5, 2015 at 6:26 PM, William A Rowe Jr > wrote: > > On Tue, May 5, 2015 at 2:47 AM, Yann Ylavic > wrote: > >> On Tue, May 5, 2015 at 3:19 AM, wrote: > >> > >> Also I'd suggest removing RC4 from the latter suite, it is not > >> c

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 6:26 PM, William A Rowe Jr wrote: > On Tue, May 5, 2015 at 2:47 AM, Yann Ylavic wrote: >> On Tue, May 5, 2015 at 3:19 AM, wrote: > >>> +SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 > >>> +#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5 > >> There possibly should be "

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 11:26 AM, William A Rowe Jr wrote: > > openssl ciphers -v 'ALL:!HIGH:!MEDIUM' | grep exp > After further scrutiny... openssl ciphers -v 'ALL:!HIGH:!MEDIUM:!LOW' | grep exp export falls under 'none of the above'.

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 2:47 AM, Yann Ylavic wrote: > On Tue, May 5, 2015 at 3:19 AM, wrote: >> Author: wrowe >> Date: Tue May 5 01:19:20 2015 >> New Revision: 1677721 >> >> URL: http://svn.apache.org/r1677721 > [] >> Modified: httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in >> URL:

Re: svn commit: r1677721 - /httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in

On Tue, May 5, 2015 at 3:19 AM, wrote: > Author: wrowe > Date: Tue May 5 01:19:20 2015 > New Revision: 1677721 > > URL: http://svn.apache.org/r1677721 [] > Modified: httpd/httpd/branches/2.2.x/docs/conf/extra/httpd-ssl.conf.in > URL: > http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/doc