Changes between Initial Version and Version 4 of Ticket #177
- 06/15/12 10:40:35 (10 years ago)
- Property Status new → assigned
- Property Component nginx-module → other
- Property Summary Default ssl_ciphers value should be corrected → docs: default ssl_ciphers value should be corrected
- Property Version 1.2.x
- Property Owner changed from to
initial v4 1 Disable AECDH ciphersuites by default. 2 3 Current default setting of "HIGH:!ADH:!MD5;" isn't enough to disable insecure anonymous ECDH ciphersuites. 4 5 It should be changed to "HIGH:!ADH:!AECDH:!MD5;" or even to "HIGH:!aNULL:!MD5;" 1 Documentation for ssl_ciphers needs updating, it still lists "HIGH:!ADH:!MD5" (and suggests to use !ADH in the example).