Hello,
On 01.11.2013 22:34, Viktor Dukhovni wrote:
On Fri, Nov 01, 2013 at 09:56:10PM +0100, Walter H. wrote:
Which one of the following two is better (1) or (2)?
(1)
SSL_CIPHER=DHE-RSA-CAMELLIA256-SHA
$ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA
DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256)
Mac=SHA1
(2)
SSL_CIPHER=AES128-SHA256
$ openssl ciphers -v AES128-SHA256
AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128)
Mac=SHA256
They're both fine.
Does your application need to perform faster, offer forward-secrecy, be
most interoperable, ... ?
these was the result of using 2 different browsers with the same SSL
website ...
(1) an old firefox
(2) the latest IE - IE11 on Win 8.1
https://ssl.mathemainzel.info/info/
you can try your browser ...
how would I define forward-secrecy on Apache webserver?
Thanks,
Walter
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
