On 18.11.2011 18:20, Kaspar Brand wrote:
On 18.11.2011 13:09, Rainer Jung wrote:
You might want to drop the -SSLv2 from our SSLCipherSuite in
docs/conf/extra/httpd-ssl.conf.in then as well.
You're right, yes. As there were no objections to the changes I proposed
on the list a few days ago, I now committed them with r1203752/r1203753.
If you generally agree with these modifications, I could also prepare
and propose a backport for 2.2.x (there's currently an earlier one from
you in 2.2.x's STATUS). Just let me know.
Fine with me. Current SSLCipherSuite for 2.2 definitely needs
improvement and latest 2.4 should be the way to go.
Except: Since SSLv2 is still available for 2.2, the -SSLv2 is needed in
the cipher list.
Please feel free to go ahead an remove my proposal.
Regards,
Rainer
