strong ssl ciphers - browsers

Lukas Tribus luky-37 at hotmail.com
Tue May 8 22:15:39 UTC 2012


Hi Hajo,

 

 

BEAST has nothing todo with weak ciphers. Because the workaround is to prefer RC4 over AES from the server side, you are not excluding any browsers (however, a short check with the oldest supported platform isn't a bad idea either).

 

 

 

I noticed the documentation about the default of the ssl_ciphers keyword isn't up-to-date: !ADH was replaced with !aNULL in 1.0.5 [2]. Can someone update the docs?

 

 

[1] http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers

[2] http://forum.nginx.org/read.php?29,206670,207923

  		 	   		  


More information about the nginx mailing list