really drop SSLv2
hggdh2 at ubuntu.com
Sun Aug 8 22:59:02 BST 2010
On Thu, 05 Aug 2010 10:02:07 -0400
Etienne Goyer <etienne.goyer at canonical.com> wrote:
> On 10-08-04 06:05 PM, Kees Cook wrote:
> > Hi Jim,
> > On Wed, Aug 04, 2010 at 09:44:25AM -0400, Jim Tarvid wrote:
> >> Why not kill the weak ciphers too?
> > Sure! Can you send a patch for this?
> I do not really see the point. Since the client and the server will
> negotiate the strongest cipher they both support, what exactly would
> we gain by removing cipher considered weak?
Unless it changed -- and I have been out of it for a few years --, the
server will usually select the first cypher in the list that matches.
So, the order of the list matters.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: not available
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20100808/2d2d7876/attachment.pgp
More information about the ubuntu-devel