On Wed, Jul 18, 2018 at 03:24:31PM -0500, Ryan Beethe wrote: > For a safe client application, should you explicitly set the cipher list > explicitly, rather than trust the default cipher list that comes from > the package manager's libssl?
I would say that the answer to that depends on another question: do you regularly review the package manager's default cipher list, and have reason to trust it? -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu
signature.asc
Description: PGP signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
