httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sander Temme <scte...@apache.org>
Subject Re: [users@httpd] Is it okay to not use exportable ciphers?
Date Thu, 20 Aug 2009 19:24:28 GMT

On Aug 20, 2009, at 3:16 PM, Brian Mearns wrote:

> For the sake of security, I'd like to configure my SSL/TLS server to
> not allow export level ciphers (using the SSLCipherSuite directive).
> Is this going to realistically limit the number of people who can use
> a secure connection to my site? Specifically, will visitors from other
> countries (outside the US) be able to support the stronger
> (non-exportable) ciphers?


You can configure a logfile to record what ciphers your users are  
currently using, and draw conclusions from that.

S.

-- 
Sander Temme
sctemme@apache.org
PGP FP: 51B4 8727 466A 0BC3 69F4  B7B8 B2BE BC40 1529 24AF




Mime
View raw message