[Ach] [ssllabs-discuss] Minimal recommended cipher suite list, pref. as an interactive SSL Labs page

Aaron Zauner azet at azet.org
Fri Jun 13 13:21:33 CEST 2014

Hubert Kario wrote:
> I don't see how checking multiple clients is relevant if you force server
> side cipher ordering (which you must do to get robust PFS anyway).

There's actually no other way to confirm is a given server configuration
does in fact work on different cliens (think java, legacy software and
so forth). But yes, that's only to check if it actually works, enforcing
server ordering will force clients to a given cipher config.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140613/9b132411/attachment.sig>

More information about the Ach mailing list