On 06/01/14 20:40, Jeffrey Walton wrote: <snip>
There's also an Apple SecureTransport bug workaround. Apple's SecrureTransport does not properly negotiate ECDHE-ECDSA cipher suites. It affects Mac OS X and could affect iOS. It might be prudent to add SSL_OP_SAFARI_ECDHE_ECDSA_BUG by default. http://www.mail-archive.com/[email protected]/msg32629.html.
Nginx doesn't yet support multiple server certs per site (e.g. 1 RSA cert and 1 ECC cert), so SSL_OP_SAFARI_ECDHE_ECDSA_BUG isn't yet useful.
(I was working on a patch for multiple server certs a few months ago; I hope to find time to complete this very soon).
-- Rob Stradling Senior Research & Development Scientist COMODO - Creating Trust Online _______________________________________________ nginx mailing list [email protected] http://mailman.nginx.org/mailman/listinfo/nginx
