[Pkg-nginx-maintainers] Bug#915499: nginx: ship a snippet for strong SSL options
Thomas Ward
teward at dark-net.net
Tue Dec 4 21:55:53 GMT 2018
I should point out that "strong" options are typically only for the most
modern grades of interactivity of SSL compatibility. Therefore
Cipherli.st's recommendations are not altogether the most same approach to
this even if it's a non-default config snippet.
Permit me to ask this, but what basis is being used by you to determine
"strong" options here? Purely cipherli.st or other sources of research as
well to support the "strong" definition in this case?
Thomas
On Tue, Dec 4, 2018, 01:42 Sampo Sorsa <sorsasampo at protonmail.com wrote:
> Source: nginx
> Severity: wishlist
>
> nginx could ship with /etc/nginx/snippets/ssl-strong.conf that contains
> strong SSL options that can be included easily.
>
> Currently at least mailman3 ships with /etc/mailman3/nginx.conf containing
> SSL options. It would be a good idea to provide these in one place and just
> include in other packages.
>
>
> Perhaps consider relevant parts of https://cipherli.st/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-nginx-maintainers/attachments/20181204/9c671524/attachment-0001.html>
More information about the Pkg-nginx-maintainers
mailing list