[Pkg-openssl-devel] Bug#779669: Bug#779669: OpenSSL: consider completely disabling EXPORT cipher suites
Kurt Roeckx
kurt at roeckx.be
Wed Mar 4 05:10:24 UTC 2015
On Tue, Mar 03, 2015 at 10:45:41PM +0200, Török Edwin wrote:
> can you consider disabling the export suites in OpenSSL like LibreSSL did, and
> like you've done for SSLv3?
I do want to remove the export ciphers from the DEFAULT cipher
string in all released branches. I have patches upstream to do
that, and to completly remove support for export ciphers in
master.
> [2] https://github.com/libressl-
> portable/openbsd/commit/9e3c8206e0f32386e79956dfa4a26bbfdb3dd10d
> [4] https://github.com/libressl-
> portable/openbsd/commit/9e3c8206e0f32386e79956dfa4a26bbfdb3dd10d
That's the same link.
I suspect at least one of those patches is doing something wrong,
but didn't have a close look.
Kurt
More information about the Pkg-openssl-devel
mailing list