On 31 May 2017 08:45:23 -0600, "Andy Bradford" said: > Is it possible for the client (nmh) to control which ciphers it will > negotiate with the server? I think it makes sense to leave TLS 1.0 in > there as long as the client has control over which ciphers it uses.
TLS 1.0 has known issues even if the most secure ciphers available in 1.0 are selected. It can get whacked by both BEAST and POODLE, among other things I didn't bother googling...
pgpL3J_lLHUhE.pgp
Description: PGP signature
_______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
