Bug#765783: apache2: The sample TLS config should recommend a better cipher list

2014-10-19 Thread Stefan Fritsch
On Sunday 19 October 2014 12:02:55, Francois Marier wrote:
> On 2014-10-18 at 21:27:24, Stefan Fritsch wrote:
> > I don't think enabling SSLHonorCipherOrder by default is good. It makes it nearly impossible for the clients to select what they think is appropriate. Also, clients will be upgraded

Bug#765783: apache2: The sample TLS config should recommend a better cipher list

2014-10-18 Thread Francois Marier
On 2014-10-18 at 21:27:24, Stefan Fritsch wrote:
> sslv3 will be disabled in the next upload (see #765347).

That's a very good start.

> I don't think enabling SSLHonorCipherOrder by default is good. It makes it nearly impossible for the clients to select what they think is appropriate. Also,

Bug#765783: apache2: The sample TLS config should recommend a better cipher list

2014-10-17 Thread Francois Marier
Package: apache2
Version: 2.4.10-5
Severity: important
Tags: patch

Here's a patch for the sample TLS configuration which follows Mozilla's intermediate compatibility config: https://wiki.mozilla.org/Security/Server_Side_TLS#Apache It makes Apache pick the best possible ciphers (for example,