On Sat, 9 Mar 2013 21:55:13 -0800, Grant <emailgrant@gmail.com> wrote:
> After reading "nginx does not suck at ssl":
>
> http://matt.io/entry/ur
>
> I'm using:
>
> ssl_ciphers
> ALL:!aNULL:!ADH:!eNULL:!MEDIUM:!LOW:!EXP:!kEDH:RC4+RSA:+HIGH;
Some of us use the following to mitigate BEAST attacks:
ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!aNULL:!MD5:!EDH;
r.
M.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx