On Mon, Aug 19, 2013 at 08:06:49PM +0200, Kurt Roeckx wrote: > I understand that the MAC itself doesn't make much difference, but > we should probably avoid MD5. I see no SHA256 MACs except for GCM > which probably isn't a problem.
I'm having mixed feelings about SHA1 / SHA256. I think it makes sense to move to SHA256 even when SHA1 isn't broken as used here. But since we do this already use it for GCM, and that's on top of the list, I think it's fine. > I'm concerned that DHE_RSA_WITH_3DES_EDE_CBC_SHA is dropped, since > it's the only one with PFS that some sites support. Can I suggest > you add that before the ECDHE_*_RC4 ciphers? I also just noticed that all GCM suites we have are ECDHE versions. I would like to have a DHE version too since apache 2.2 doesn't support ECDHE but does have support for the DHE GCM ciphers. I would like to see that as first non-ECDHE cipher in the list. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto