SSL default changes?

Grant emailgrant at gmail.com
Mon Mar 11 04:48:47 UTC 2013

Previous message: SPDY patch not applying cleanly.
Next message: SSL default changes?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

It looks like these changes from default are required for SSL session
resumption and to mitigate the BEAST SSL vulnerability:

ssl_session_cache shared:SSL:10m;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

Should the defaults be changed to these?

- Grant

Previous message: SPDY patch not applying cleanly.
Next message: SSL default changes?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the nginx mailing list