We are considering removing weak cryptography from the value of DEFAULT. That is, append ":!LOW:!EXPORT"
It is currently defined as this in include/openssl/ssl.h: #define SSL_DEFAULT_CIPHER_LIST "ALL:!aNULL:!eNULL:!SSLv2" Please let us know if you have strong objections to this. -- Principal Security Engineer Akamai Technologies, Cambridge MA IM: rs...@jabber.me Twitter: RichSalz ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org