httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <>
Subject Re: [users@httpd] Is it okay to not use exportable ciphers?
Date Thu, 20 Aug 2009 19:24:28 GMT

On Aug 20, 2009, at 3:16 PM, Brian Mearns wrote:

> For the sake of security, I'd like to configure my SSL/TLS server to
> not allow export level ciphers (using the SSLCipherSuite directive).
> Is this going to realistically limit the number of people who can use
> a secure connection to my site? Specifically, will visitors from other
> countries (outside the US) be able to support the stronger
> (non-exportable) ciphers?

You can configure a logfile to record what ciphers your users are  
currently using, and draw conclusions from that.


Sander Temme
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF

View raw message