On 14.11.2015 16:21, Paul Wise wrote:
> On Sat, Nov 14, 2015 at 11:11 PM, Daniel Stender wrote:
>
>> One of the main goals of this project is to keep the code base as lean as
>> possible to be fast and to reduce security risks. s2n implements SSLv3,
>> TLS1.0, TLS1.1, and TLS1.2. For encryption, s2n supports 128-bit and
>> 256-bit AES, in the CBC and GCM modes, 3DES, and RC4.
>
> SSLv3 and RC4 have been shown to be insecure, please disable support
> for these in the Debian package and talk to upstream about dropping
> them.

Yes! SSLv3 and RC4 are disabled by default for security reasons. I'll talk to upstream about this issue.

Thanks,
DS

-- 
4096R/DF5182C8
46CB 1CA8 9EA3 B743 7676 1DB9 15E0 9AF4 DF51 82C8
LPI certified Linux admin (LPI000329859 64mz6f7kt4)
http://www.danielstender.com/blog/