This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author naif
Recipients gregory.p.smith, naif, pitrou
Date 2011-12-19.13:03:08
SpamBayes Score 6.9920705e-09
Marked as misclassified No
Message-id <1324299789.65.0.701910827139.issue13636@psf.upfronthosting.co.za>
In-reply-to
Content
Yes, i can do the test for the ordered set of ciphers with all the patches in-place, can build a custom python 3.2 with the patch applied.

I would suggest to try to keep  ECC/ECDH/ECDHE enabled, conceptually we would like to have ECDHE as the first ciphers because it's the most modern, performance and secure.

For DH, you say that it require some file, but looking at mod_ssl Changelog it say:
      The reason was that mod_ssl's temporary RSA keys and DH parameters
      were stored in the persistent memory pool directly as OpenSSL's
      RSA and DH structures.

I mean, when i install Apache with SSL, from the system administrator point of view, i never have to create a file somewhere in order to have that ciphers.

Maybe also DH/EDH stuff can be done "in memory"?
History
Date User Action Args
2011-12-19 13:03:09naifsetrecipients: + naif, gregory.p.smith, pitrou
2011-12-19 13:03:09naifsetmessageid: <1324299789.65.0.701910827139.issue13636@psf.upfronthosting.co.za>
2011-12-19 13:03:09naiflinkissue13636 messages
2011-12-19 13:03:08naifcreate