On 11/16/2013 12:37 PM, Marko Kreen wrote:
> Thanks for testing!
>
> On Sat, Nov 16, 2013 at 12:17:40PM -0800, Adrian Klaver wrote:
>> On 11/16/2013 06:24 AM, Marko Kreen wrote:
>>> ssl-better-default:
>>> SSL should stay working, openssl ciphers -v 'value' should not contain
>>> any weak suites (RC4, SEED, DES-CBC, EXP, NULL) and no non-authenticated
>>> suites (ADH/AECDH).
>>
>> Not sure about the above, if it is a GUC I can't find it. If it is
>> something else than I will have to plead ignorance.
>
> The patch just changes the default value for 'ssl_ciphers' GUC.
I am still not sure what patch you are talking about. The two patches I
saw where for server_prefer and ECDH key exchange.
>
> The question is if the value works at all, and is good.
>
What value would we be talking about?
Note: I have been working through a head cold and thought processes are
sluggish, handle accordingly:)
--
Adrian Klaver
adrian.klaver@gmail.com