nginx-1.1.0
Calomel Org
infallibilismindefeasibility at calomel.org
Mon Aug 1 21:48:03 UTC 2011
Elliptic curve Diffie-Hellman (ECDH) key exchange ciphers work
perfectly. Thank you very much Igor and Adrian.
For those interested, the ssl_ecdh_curve directive specifies the type
of curve you want to use. secp521r1 is the 521 bit EC for example.
## Global SSL options
ssl_ciphers ECDHE-RSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:DES-CBC3-SHA
## HTTPS server body
ssl_ecdh_curve secp521r1;
--
Calomel @ https://calomel.org
Open Source Research and Reference
On Mon, Aug 01, 2011 at 11:14:00AM -0400, Igor Sysoev wrote:
>Changes with nginx 1.1.0 01 Aug 2011
>
> *) Feature: cache loader run time decrease.
>
> *) Feature: "loader_files", "loader_sleep", and "loader_threshold"
> options of the "proxy/fastcgi/scgi/uwsgi_cache_path" directives.
>
> *) Feature: loading time decrease of configuration with large number of
> HTTPS sites.
>
> *) Feature: now nginx supports ECDHE key exchange ciphers.
> Thanks to Adrian Kotelba.
>
> *) Feature: the "lingering_close" directive.
> Thanks to Maxim Dounin.
>
> *) Bugfix: in closing connection for pipelined requests.
> Thanks to Maxim Dounin.
>
> *) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in
> "Accept-Encoding" request header line.
>
> *) Bugfix: in timeout in unbuffered proxied mode.
> Thanks to Maxim Dounin.
>
> *) Bugfix: memory leaks when a "proxy_pass" directive contains
> variables and proxies to an HTTPS backend.
> Thanks to Maxim Dounin.
>
> *) Bugfix: in parameter validaiton of a "proxy_pass" directive with
> variables.
> Thanks to Lanshun Zhou.
>
> *) Bugfix: SSL did not work on QNX.
> Thanks to Maxim Dounin.
>
> *) Bugfix: SSL modules could not be built by gcc 4.6 without
> --with-debug option.
>
>
>--
>Igor Sysoev
>
>_______________________________________________
>nginx mailing list
>nginx at nginx.org
>http://mailman.nginx.org/mailman/listinfo/nginx
More information about the nginx
mailing list