On Mon, Jul 08, 2013 at 01:53:46PM +1000, Damien Miller wrote:
> On Sun, 7 Jul 2013, Aaron Stellman wrote:
>
> > On Tue, Apr 23, 2013 at 09:08:19AM +0200, Otto Moerbeek wrote:
> > > If there is any interest, I might add the manual stuff, get ok's and
> > > commit it.
> >
> > I find it useful to have SSLHonorCipherOrder in OpenBSD's apache.
>
> More than that, AFAIK it is necessary to mitigate some of the TLS crypto
> attacks. IMO it is well worth having.
>
> It would also be good if someone could make a patch to enable ECDHE cipher
> suites in Apache-1.x. This nginx patch is a good reference to what needs to
> be done:
>
> http://hg.nginx.org/nginx/rev/0832a6997227
>
> -d
So there seems some interest. So I'd like to get ok's so I can commit
it.
-Otto
