[openssl-users] Appropriate use of SSL_CTX_set_cipher_list()

Mark H. Wood mwood at iupui.edu
Thu Jul 19 16:09:43 UTC 2018


On Wed, Jul 18, 2018 at 03:24:31PM -0500, Ryan Beethe wrote:
> For a safe client application, should you explicitly set the cipher list
> explicitly, rather than trust the default cipher list that comes from
> the package manager's libssl?

I would say that the answer to that depends on another question:  do
you regularly review the package manager's default cipher list, and
have reason to trust it?

-- 
Mark H. Wood
Lead Technology Analyst

University Library
Indiana University - Purdue University Indianapolis
755 W. Michigan Street
Indianapolis, IN 46202
317-274-0749
www.ulib.iupui.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180719/c21aa8d6/attachment.sig>


More information about the openssl-users mailing list