Ah. It looks like I've put the wrong configuration in the blog post. My fault. I... | Hacker News

Hacker News new | comments | show | ask | jobs | submit

login

jgrahamc on July 14, 2013 | parent | favorite | on: The state of TLS ciphers

Ah. It looks like I've put the wrong configuration in the blog post. My fault. I shall update the blog post with the correct configuration.

Here's what we are currently using:

  ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA;
  ssl_prefer_server_ciphers   on;

reedloden on July 16, 2013

Why do you turn off the CAMELLIA ciphers?

stock_toaster on July 14, 2013

thanks!

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact