Changes between Initial Version and Version 4 of Ticket #177


Ignore:
Timestamp:
06/15/12 10:40:35 (12 years ago)
Author:
Maxim Dounin
Comment:

Yes, docs should be updated. Ruslan is looking into this.

Legend:

Unmodified
Added
Removed
Modified

  • Ticket #177

    • Property Status newassigned
    • Property Component nginx-moduleother
    • Property Summary Default ssl_ciphers value should be correcteddocs: default ssl_ciphers value should be corrected
    • Property Version 1.2.x
    • Property Owner changed from somebody to Ruslan Ermilov

  • Ticket #177 – Description

    initial v4  
    1 Disable AECDH ciphersuites by default.
    2 
    3 Current default setting of "HIGH:!ADH:!MD5;" isn't enough to disable insecure anonymous ECDH ciphersuites.
    4 
    5 It should be changed to "HIGH:!ADH:!AECDH:!MD5;" or even to "HIGH:!aNULL:!MD5;"
     1Documentation for ssl_ciphers needs updating, it still lists "HIGH:!ADH:!MD5" (and suggests to use !ADH in the example).