From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject:
 Re: [PATCH] OpenSSL: lower priority for CBC ciphers in default cipherlist
Date: Tue, 11 Jun 2019 10:38:09 +0100
Message-ID: <3C76DDEC-EB71-4BC5-A83C-C8AFAEF087AF@ipfire.org>
In-Reply-To: <062d3808-bde7-ed93-520d-18faf848d49e@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============2712601670019089187=="
List-Id: <development.lists.ipfire.org>

--===============2712601670019089187==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Hi,

okay. So let=E2=80=99s save all those changes for the next Core Update so tha=
t we only have one line in the change log and can communicate it concisely.

-Michael

> On 10 Jun 2019, at 20:30, Peter M=C3=BCller <peter.mueller(a)ipfire.org> wr=
ote:
>=20
> Hello Michael,
>=20
>> Do you intend to do more changes to let=E2=80=99s say the Apache cipher su=
ites?
> At the moment, no. I plan to remove AES-CBC at the end of the year
> or if more dangerous vulnerabilities show up; I am afraid we cannot
> do this for OpenVPN/IPsec GUIs as well.
>=20
> Thanks, and best regards,
> Peter M=C3=BCller
> --=20
> The road to Hades is easy to travel.
> 	-- Bion of Borysthenes


--===============2712601670019089187==--