On Thu, Aug 20, 2009 at 3:24 PM, Sander Temme<sctemme@xxxxxxxxxx> wrote: > > On Aug 20, 2009, at 3:16 PM, Brian Mearns wrote: > >> For the sake of security, I'd like to configure my SSL/TLS server to >> not allow export level ciphers (using the SSLCipherSuite directive). >> Is this going to realistically limit the number of people who can use >> a secure connection to my site? Specifically, will visitors from other >> countries (outside the US) be able to support the stronger >> (non-exportable) ciphers? > > > You can configure a logfile to record what ciphers your users are currently > using, and draw conclusions from that. > > S. [clip] Good idea, but I'm not currently getting many users. I'm thinking in the long term, I don't want to lock out potential visitors just because they're using weak crypto. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|