Talk:Security/Server Side TLS: Difference between revisions
Jump to navigation
Jump to search
Gdestuynder (talk | contribs) (Created page with "Sources: https://jve.linuxwall.info/blog/index.php?post/2013/10/12/A-grade-SSL/TLS-with-Nginx-and-StartSSL https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-m...") |
(→RC4: new section) |
||
| Line 2: | Line 2: | ||
https://jve.linuxwall.info/blog/index.php?post/2013/10/12/A-grade-SSL/TLS-with-Nginx-and-StartSSL | https://jve.linuxwall.info/blog/index.php?post/2013/10/12/A-grade-SSL/TLS-with-Nginx-and-StartSSL | ||
https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-mod_ssl/ | https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-mod_ssl/ | ||
== RC4 == | |||
RC4-based ciphers '''ought to be completely removed''' from the list, better attacks are coming like this one: https://www.usenix.org/conference/usenixsecurity13/security-rc4-tls' | |||
Revision as of 18:41, 15 October 2013
Sources: https://jve.linuxwall.info/blog/index.php?post/2013/10/12/A-grade-SSL/TLS-with-Nginx-and-StartSSL https://www.insecure.ws/2013/10/11/ssltls-configuration-for-apache-mod_ssl/
RC4
RC4-based ciphers ought to be completely removed from the list, better attacks are coming like this one: https://www.usenix.org/conference/usenixsecurity13/security-rc4-tls'