[Ach] CloudFlare's SSL config for public-facing nginx hosts
Aaron Zauner
azet at azet.org
Mon May 5 14:06:01 CEST 2014
Alan Orth wrote:
> Hey,
>
> For what it's worth, they seem to be using an OpenSSL patch which only
> enables RC4 if the connection is SSLv3 (ie, to combat BEAST).
Yup, but since this patch has never been ported upstream that does not
really give us any advantage.
>
> But yes, it seems pretty likely that we should have stopped using RC4
> many years ago:
>
> https://twitter.com/ioerror/status/398059565947699200
Yup.
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140505/938463a3/attachment.sig>
More information about the Ach
mailing list