[issue20995] Use Better Default Ciphers for the SSL Module

Mark Kubacki Wed, 23 Apr 2014 05:54:33 -0700

Mark Kubacki added the comment:

The cipher strings rely too much on AES for my taste. Imagine that 
ChaCha20Poly1305 or any other strong cipher suite is introduced to OpenSSL in 
the future.


Enabling using general, and demoting using narrow terms, seems IMHO a better 
approach. For example:

    ECDH+HIGH:DH+HIGH:!aNULL:!MD5:!RC4:-3DES:HIGH

----------
nosy: +markk

_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue20995>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe: 
https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com

[issue20995] Use Better Default Ciphers for the SSL Module

Reply via email to