On 08.12.11 00:38, aparna Puram wrote:
I understand from your mail that the following 2 cipher suites will work
with the existing and the new clinet configurations.

Kindly correct me if I m wrong.

1-->!ADH:!EXPORT56:DES-CBC-SHA:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
2-->!ADH:!MD5:DES-CBC-SHA:RC4+RSA:+HIGH:+MEDIUM

However the first cipher suite contains MD5, which is not preferable due to
security reasons.

you disallow md5 due to security reasons, but allow null,export and low ciphers? :-)

I use DEFAULT:!EXP:!LOW and I hope that's enough. you can excloude MD5 from those but I'd like to see your "security" reasons, due to paragraph above.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
  "   from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to