[openssl-users] no-weak-ssl-ciphers and OPENSSL_NO_WEAK_SSL_CIPHERS?
noloader at gmail.com
Mon Mar 7 00:04:09 UTC 2016
I noticed a new option no-weak-ssl-ciphers. It defines
>From a grep it looks like OPENSSL_NO_WEAK_SSL_CIPHERS is used by
s3_lib.c. Inspecting the hits, it appears the define disables cipher
suites with RC4.
I also noticed there is some use of MD5 which is not guarded by
OPENSSL_NO_WEAK_SSL_CIPHERS. I mention it because of the browser's
Obsolete Cryptography warning
So my question is, does OPENSSL_NO_WEAK_SSL_CIPHERS do anything more
than remove RC4?
More information about the openssl-users