[PATCH] OpenSSL: lower priority for CBC ciphers in default cipherlist

Peter Müller peter.mueller at ipfire.org
Mon Jun 10 20:30:00 BST 2019


Hello Michael,

> Do you intend to do more changes to let’s say the Apache cipher suites?
At the moment, no. I plan to remove AES-CBC at the end of the year
or if more dangerous vulnerabilities show up; I am afraid we cannot
do this for OpenVPN/IPsec GUIs as well.

Thanks, and best regards,
Peter Müller
-- 
The road to Hades is easy to travel.
	-- Bion of Borysthenes


More information about the Development mailing list