On Thu, Aug 25, 2016 at 1:36 PM, Jacob Champion <champio...@gmail.com> wrote: > If you're interested, the relevant commit is r1757280 in httpd.
It looks reasonable / conventional wisdom to me. Only things that stuck out to me: - If we talk about BREACH we can't just show "SSLCompression off" because BREACH, IIUC, would affect deflate over TLS not just TLS compression. - The recent stuff about 3DES will probably require a re-sort or removal (bad timing) - IIUC there will be no renegotiation in TLS 1.3, so some of the ciphers-in-location stuff could maybe use a long-term caveat. -- Eric Covener cove...@gmail.com --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
