httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Mearns <>
Subject Re: [users@httpd] Is it okay to not use exportable ciphers?
Date Thu, 20 Aug 2009 19:40:11 GMT
On Thu, Aug 20, 2009 at 3:24 PM, Sander Temme<> wrote:
> On Aug 20, 2009, at 3:16 PM, Brian Mearns wrote:
>> For the sake of security, I'd like to configure my SSL/TLS server to
>> not allow export level ciphers (using the SSLCipherSuite directive).
>> Is this going to realistically limit the number of people who can use
>> a secure connection to my site? Specifically, will visitors from other
>> countries (outside the US) be able to support the stronger
>> (non-exportable) ciphers?
> You can configure a logfile to record what ciphers your users are currently
> using, and draw conclusions from that.
> S.

Good idea, but I'm not currently getting many users. I'm thinking in
the long term, I don't want to lock out potential visitors just
because they're using weak crypto.


Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from:

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message