Changes between Version 21 and Version 22 of TipAndDoc/ssl


Ignore:
Timestamp:
Sep 2, 2015 9:43:41 PM (9 years ago)
Author:
mitty
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • TipAndDoc/ssl

    v21 v22  
    1111 * wikipedia:Transport_Layer_Security#Dealing_with_RC4_and_BEAST 
    1212 > The best choice is to only allow TLS 1.1 and TLS 1.2, but Firefox only supports TLS 1.0 and SSL 3.0 and Opera and Internet Explorer have support for TLS 1.1 and TLS 1.2 disabled by default. In most web servers, only one cipher can be assigned as the preferred cipher. Choosing RC4 is still the best choice for TLS 1.0, but not for TLS 1.1 and TLS 1.2. Choosing AES (CBC cipher) is secure for TLS 1.1 and TLS 1.2, but not for TLS 1.0 due to the BEAST attack. 
     13 
     14 * [http://blog.yjl.im/2013/12/disabling-tlsssl-rc4-in-firefox-and.html YJL: Disabling TLS/SSL RC4 in Firefox and Chrome] 
    1315 
    1416 = mod_ssl =