oss-sec mailing list archives
Re: openssl default ciphers
From: Reed Loden <reed () reedloden com>
Date: Mon, 4 Nov 2013 12:37:38 -0800
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The Mozilla opsec guys wrote up some good guidelines recently on what they consider a good TLS cipher suite choice should be, but even if you didn't want to go all-out by making the default ultra-secure (with full PFS, etc.), they explain their choices fairly well, so should be useful in trying to figure out a middle ground that makes most people happy. https://wiki.mozilla.org/Security/Server_Side_TLS ~reed -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iKYEARECAGYFAlJ4BZJfFIAAAAAALgAoaXNzdWVyLWZwckBub3RhdGlvbnMub3Bl bnBncC5maWZ0aGhvcnNlbWFuLm5ldDZCNTZGOUFDMDdCNjg1RDdEQzQ1NjBEQTZC QTIyMjI2RjNDMzNENUEACgkQa6IiJvPDPVrsJwCeIw5lo0/5JiV1z0fsz+rGigai 0UYAoMRIc5jKSxKRpd2iM54hwyotLPid =uOgO -----END PGP SIGNATURE-----
Current thread:
- openssl default ciphers Stefan Bühler (Nov 04)
- Re: openssl default ciphers Daniel Kahn Gillmor (Nov 04)
- Re: openssl default ciphers Eric H. Christensen (Nov 04)
- Re: openssl default ciphers Hanno Böck (Nov 04)
- Re: openssl default ciphers Russ Allbery (Nov 04)
- Re: openssl default ciphers Stefan Bühler (Nov 04)
- Re: openssl default ciphers Mike (Nov 04)
- Re: openssl default ciphers Eric H. Christensen (Nov 04)
- Re: openssl default ciphers leToff (Nov 04)
- Re: openssl default ciphers Stefan Bühler (Nov 05)
- Re: openssl default ciphers Florian Weimer (Nov 05)