Message149860
It would be also useful to "Sort" the order of ciphers by it's strength.
This is done by the parameter @STRENGTH" :
From http://www.openssl.org/docs/apps/ciphers.html
"Additionally the cipher string @STRENGTH can be used at any point to sort the current cipher list in order of encryption algorithm key length."
In that case the default cipher string would become:
"HIGH:!aNULL:!eNULL:!SSLv2:!MD5:@STRENGTH"
The logic for third party developers could be explained as:
Only =>128bit ciphers
Disable unauthenticated ciphers
Disable SSLv2 protocol
Disable weak MD5 hash as authentication
Sort the cipher preferences by it's strength |
|
Date |
User |
Action |
Args |
2011-12-19 13:37:22 | naif | set | recipients:
+ naif, gregory.p.smith, pitrou |
2011-12-19 13:37:22 | naif | set | messageid: <1324301842.73.0.107913581224.issue13636@psf.upfronthosting.co.za> |
2011-12-19 13:37:22 | naif | link | issue13636 messages |
2011-12-19 13:37:22 | naif | create | |
|