On 1/8/2019 7:10 PM, Viktor Dukhovni wrote: > The intent is that you SHOULD NOT generally customize the list. All > the ciphers in question are quite safe, and if the default changes, > you should probably go with that, rather than a frozen time-capsule > version. > > Is there a good reason to want to change or freeze them at this time? >
Our products allow the user to enable and disable individual ciphers, to allow for both customer policy (e.g. a customer-specific approved-cipher list) and for the possibility that one is found to be vulnerable. They are "quite safe" today... but what about tomorrow? -- Jordan Brown, Oracle Solaris
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
