On Sat, Nov 14, 2015 at 11:11 PM, Daniel Stender wrote: > One of the main goals of this project is to keep the code base as lean as > possible to be fast and to reduce security risks. s2n implements SSLv3, > TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and > 256-bit AES, in the CBC and GCM modes, 3DES, and RC4.
SSLv3 and RC4 have been shown to be insecure, please disable support for these in the Debian package and talk to upstream about dropping them. -- bye, pabs https://wiki.debian.org/PaulWise
