Hello,

I filled a (now closed, because erroneous) enhancement ticket:
http://trac.nginx.org/nginx/ticket/619

As it appears, the change I noticed in the SSl test did not result from my
malformed ciphers list.
Right about that.

However, what is intriguing is the answer Maxim gave me on the second part
of my proposal: the default activation of ssl_prefer_server_ciphers
<http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_prefer_server_ciphers>
..

He saif that this option put to on made sense with a custome list but not
with the default one.

I confirm that the results of my tests changed. It was no because of the
ciphers list, but it was due to that other change.
Thus, the ciphers used by the emulated clients of the test changed
following the activation of that option, allowing me to pass the 'Forward
Secrecy' part of the test, resulting in an upgrade of my score from A- to A.

I jsut checked it again, removing my buggy ciphers list and (de)activating
de rprefer' option.

If using that option with the default ciphers list was useless, what had
that change an impact on the results of my test?
---
*B. R.*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx