OoO Peu avant le début de l'après-midi du jeudi 22 décembre 2011, vers
13:38, Arno Töll disait :
> I'm sorry you're right. I was indeed misleading as I just copied the
> NEWS entry I wrote for Unstable where things are slightly different. I
> admit I shouldn't have copied it for Stable and Unst
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
FYI, forwarding to Vincent:
On 21.12.2011 11:39, Olaf van der Spek wrote:
> On Wed, Dec 21, 2011 at 8:40 AM, Vincent Bernat wrote:
>> More important, lighttp uses OpenSSL which is not compatible with TLS
>> 1.2. Therefore, the above cipher list is
Hi,
* Olaf van der Spek [2011-12-21 12:01]:
> On Wed, Dec 21, 2011 at 8:40 AM, Vincent Bernat wrote:
> > More important, lighttp uses OpenSSL which is not compatible with TLS
> > 1.2. Therefore, the above cipher list is the same as:
> > RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM
> >
> > (you can check
On Wed, Dec 21, 2011 at 8:40 AM, Vincent Bernat wrote:
> More important, lighttp uses OpenSSL which is not compatible with TLS
> 1.2. Therefore, the above cipher list is the same as:
> RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM
>
> (you can check the output of "openssl ciphers")
Isn't aNULL disabled b
OoO En cette nuit nuageuse du mercredi 21 décembre 2011, vers 01:24,
Nico Golde disait :
> When using CBC ciphers on an SSL enabled virtual host to communicate with
> certain client, a so called "BEAST" attack allows man-in-the-middle
> attackers to obtain plaintext HTTP traffic via a b
5 matches
Mail list logo
