I think this is a silly question but I still would like to get a knowledgeable and experienced confirmation of my thinking.
My client is a custom application and as such only needs to communicate with specific servers for specific purposes. I think it makes sense for my client to only support the specific protocol that my server will use, ECDHE-RSA-AES128-GCM-SHA256. Does this sound reasonable or should I also include others as well?
My thinking is that if the servers are changed one day, it would only be for increasing security and thus I will probably need to update to latest OpenSSL and so will be updating my app at this time anyway. Also, since they are my companies servers, I will be notified ahead of time that change is coming.
T
hanks,
Jeff -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
