> I am not an OpenSSL developer, but it seems to me that system default
> cipherlists are not a good idea.
+1
I'd rather see the ability to add a new section openssl.cnf, like
[ cipher-profile ]
redhat-recommended = AES256-CGM-SHA384
and then you could do things like
-ciphers profile@redhat-recommended:RC4-SHA128
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
