httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Eric Covener <cove...@gmail.com>
Subject Re: [users@httpd] explicitly including other ciphers for use with https
Date Tue, 08 Dec 2015 19:20:33 GMT
On Tue, Dec 8, 2015 at 2:19 PM, Eric Covener <covener@gmail.com> wrote:
> On Tue, Dec 8, 2015 at 11:41 AM, Ron Croonenberg <ronc@lanl.gov> wrote:
>> P.S:  why not make it an option that can be configured and where the default
>> 'setting' is "no NULL ciphers" ?
>
> I think the rational ie that the cipher strings are complex and we're
> protecting people from inadvertently enabling null and export ciphers.

That part was probably obvious, the reason it's not configurable is that
nobody has made it a priority to develop/test/review something better.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message