Dusting off lafs-rpg.
Alex Elsayed
eternaleye at gmail.com
Tue Nov 26 00:16:10 UTC 2013
Zooko O'Whielacronx wrote:
> On Sun, Oct 13, 2013 at 9:09 PM, Callme Whatiwant <nejucomo at gmail.com>
> wrote:
>>
>> Thanks Patrick! Before I accepted this, I was hoping people with more
>> knowledge of recent TLS vulnerabilities and/or forward secrecy could take
>> a glance at the cipher list and comment on if it's still "Today's Best
>> TLS config".
>
> Here's Hynek Schlawack's ¹, which is partially based on mine ² and
> partially based on qualsys "ssllabs".
>
> Regards,
>
> Zooko
>
> ¹ http://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
>
> ² https://github.com/LeastAuthority/leastauthority.com/issues/92#issuecomment-26292572
You may find it interesting that the IETF is creating a TLS
best-current-practices RFC:
http://tools.ietf.org/html/draft-sheffer-tls-bcp-01
More information about the tahoe-dev
mailing list