On Fri, Sep 22, 2000 at 08:12:37PM -0500, maistaff wrote:
> As RC4 is vulnerable to known plaintext attack (which is a problem with webpages
> having known headers - hence making finding the key, 40 bit or 128 bit, not
> difficult)
Uhm - where did you get that idea? Link?
> I would like to set the defaults for Apache+mod_ssl and the certificates
> for a VPN to use 3DES (which is not so easily broken). Any ideas on an easy way to
> do this?
>
The certificates are the same, no matter which cipher suite it is - you
should instead look into setting SSLCipherSuite - see
http://www.modssl.org/docs/2.6/ssl_reference.html#ToC9
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
