On 08/25/2016 03:37 PM, Yann Ylavic wrote:
Note that this thread recommends: DEFAULT:!EXPORT:!LOW:!MEDIUM which, with openssl 1.1, selects DHE-RSA-AES256-SHA before e.g. ECDHE-ECDSA-CHACHA20-POLY1305. So some tuning is needed there too...
Yeah, I honestly don't agree with Viktor's blanket recommendation... but I'm not a cryptographer, so what do I know? Either way, I don't think it's appropriate for a "strong encryption" document.
--Jacob --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
