httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From William A Rowe Jr <wr...@rowe-clan.net>
Subject Re: SSL/TLS best current practice
Date Tue, 26 May 2015 16:25:50 GMT
On Tue, May 26, 2015 at 10:45 AM, Yann Ylavic <ylavic.dev@gmail.com> wrote:

> On Tue, May 26, 2015 at 5:29 PM, Andy Wang <awang@ptc.com> wrote:
> >
> >> #   SSL Cipher Suite:
> >> #   List the ciphers that the client is permitted to negotiate.
> >> #   See the mod_ssl documentation for a complete list.
> >> SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
> >> SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
> >
> > !aNULL isn't needed?
>
> No since !aNULL:!eNULL:!EXP is forcibly added to the configured
> ciphersuite.
>

A legitimate question, however.  The example should document this IMHO.
Getting right on that.

Mime
View raw message