Have a look at http://mail-archives.apache.org/mod_mbox/httpd-dev/200511.mbox/%[email protected]%3e
> -----Original Message----- > From: Ivan Ristic > Sent: Donnerstag, 26. November 2009 15:26 > To: [email protected] > Subject: Re: better SSL defaults in 2.4 > > Speaking of the SSL defaults, has anyone come up with > something better than: > > BrowserMatch ".*MSIE.*" \ > nokeepalive ssl-unclean-shutdown \ > downgrade-1.0 force-response-1.0 > > Is anyone aware of any good reference that documents why the above > code was added, and perhaps also explains how to test and what exactly > the consequences of not using the snippet are? > > I am willing to test recent IE versions to see how they behave, but > it'd be nice if I could have a decent starting point. > > > On Wed, Nov 18, 2009 at 2:54 PM, Jeff Trawick > <[email protected]> wrote: > > enable session cache by default? > > > > change SSLMutex default to "SSLMutex default" instead of > "SSLMutex none"? > > (does this default to "none" to avoid checking if a session cache is > > enabled before creating the mutex?) > > -- > Ivan Ristic > ModSecurity Handbook [https://www.feistyduck.com] > SSL Labs [https://www.ssllabs.com/ssldb/] >
