[Ach] Looks like SSLv3 is enabled for httpd in spec?

Gunnar Haslinger gh.bettercrypto at hitco.at
Thu Mar 3 20:14:01 CET 2016

Am 03.03.2016 um 18:38 schrieb Pepi Zawodsky:
>>> Can anyone tell me, if :+SSLv3: really should be there?
> I totally agree that this notation is counter-intuitive. Yet, Sebastian is totally right. This enables Cipher suites _defined_ in the SSLv3 spec (which are used in TLS 1.0 and above as well) but definitely does not turn on the SSLv3 protocol.

+SSLv3 doesn't enable any CipherSuites.
It just pushes back the SSLv3 CipherSuites to the end of the List

See Documentation:
If “+” is used then the ciphers are moved to the end of the list. This 
option doesn't add any new ciphers it just moves matching existing ones.


More information about the Ach mailing list