> On Dec 22, 2017, at 7:03 AM, Salz, Rich <rs...@akamai.com> wrote:
>
> Having said that, the answer is upgrade to a supported version, ideally 1.1.0
A better answer is typically to deploy the latest patched version from the
platform vendor. And to not enable SSLv2 or SSLv3. Most applications
support configurable cipher strings. If one wants to disable DES and 3DES
just set the cipherstring to:
DEFAULT:!3DES:!LOW:!EXPORT
plus any other desired exclusions.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
