Re: Appropriate use of SSL_CTX_set_cipher_list()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jul 18, 2018 at 03:24:31PM -0500, Ryan Beethe wrote:
> For a safe client application, should you explicitly set the cipher list
> explicitly, rather than trust the default cipher list that comes from
> the package manager's libssl?

I would say that the answer to that depends on another question:  do
you regularly review the package manager's default cipher list, and
have reason to trust it?

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu

Attachment: signature.asc
Description: PGP signature

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux