> On Mar 6, 2016, at 7:13 PM, Viktor Dukhovni <openssl-users at dukhovni.org> wrote: > > >> On Mar 6, 2016, at 7:04 PM, Jeffrey Walton <noloader at gmail.com> wrote: >> >> So my question is, does OPENSSL_NO_WEAK_SSL_CIPHERS do anything more >> than remove RC4? > > In master, at present, that's it. This may change. The only remaining use of MD5 I could find was: NULL-MD5 SSLv3 Kx=RSA Au=RSA Enc=None Mac=MD5 which is a NULL cipher, so you're not getting much security anyway, but perhaps users of this still want strong data integrity, so we could easily add this cipher to the 'weak' list... -- Viktor.
