[Nut-upsdev] NSS branch testing.
Rob Crittenden
rcrit at greyoak.com
Wed Aug 15 02:57:47 UTC 2012
Charles Lepple wrote:
> On Tue, Aug 14, 2012 at 9:01 AM, Rob Crittenden <rcrit at greyoak.com> wrote:
>> One thing I noticed is that there aren't a lot of knobs to turn relative to
>> SSL. No way to control the ciphers, or even to limit to TLS. That is a bit
>> of a nice-to-have, but tricky since OpenSSL and NSS ciphers are handled so
>> differently, getting parity is tough.
>
> Agreed that there aren't many knobs, but when you say "or even to
> limit to TLS", what scenario do you have in mind?
>
To limit the protocol to TLS and disallow SSL3 for example. Currently
IIRC both are enabled. This would be one way to broadly control the
available ciphers.
rob
More information about the Nut-upsdev
mailing list