> Does this warrant a note in the wiki under our LDAP section? I'd like to do a little more research since there's some good indication that requiring AES 256 encryption was a customization. OpenSSL considers AES 128 w/SHA1, which Java supports out of the box, a high-strength cipher:
openssl ciphers HIGH:-SSLv2 ADH-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:ADH-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:ADH-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA If his config is what comes with Debian out of the box, then I'd say we'd definitely want to document the problem and how to configure the high-strength ciphers in Java. I'll pull down the Lenny package in the next few days and review the config to determine. M -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
