httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matus UHLAR - fantomas <>
Subject Re: [users@httpd] SSL cipher suite modification
Date Thu, 08 Dec 2011 14:09:58 GMT
On 08.12.11 00:38, aparna Puram wrote:
>I understand from your mail that the following 2 cipher suites will work
>with the existing and the new clinet configurations.
>Kindly correct me if I m wrong.
>However the first cipher suite contains MD5, which is not preferable due to
>security reasons.

you disallow md5 due to security reasons, but allow null,export and low 
ciphers? :-)

I use DEFAULT:!EXP:!LOW and I hope that's enough. you can excloude MD5 
from those but I'd like to see your "security" reasons, due to 
paragraph above.
Matus UHLAR - fantomas, ;
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Linux is like a teepee: no Windows, no Gates and an apache inside...

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message