li...@rhsoft.net <li...@rhsoft.net> schrieb am Fr., 1. Dez. 2017, 17:13:
> > > Am 30.11.2017 um 17:41 schrieb Hannes Magnusson: > >> - Improve TLS constants to sane values > > > > This worries me a lot. Last time someone thought it was a good idea they > > introduced security vulnerability for all apps that used them. > > that PHP now instead of ECDHE-RSA-AES128-SHA uses > ECDHE-RSA-AES128-GCM-SHA256 for TLS connections (and before 7.1 with > openssl 1.1 it was not able to use ECHDE at all) or that PHP don't let > the crypto library alone at all? > > at least it got better with 7.2 > We only changed the defaults in 7.2, it was possible to use the same features before, except for the security level. Regards, Niklas >
