[pkg-lighttpd] r560 - in lighttpd/trunk/debian: . conf-available

Olaf van der Spek olafvdspek at gmail.com
Mon Dec 19 00:11:56 UTC 2011


On Sun, Dec 18, 2011 at 10:20 PM, Arno Töll <debian at toell.net> wrote:
>> Why isn't the upstream ssl.ciphers default updated?
>> It's not right to hard-code a list of ciphers.
>
> That's the "official" advise to deal with the problem, for good or not.

I know

> Together with the new  ssl.honor-cipher-order option by the way. The
> default can't be updated, as there is no default in the code since
> OpenSSL does not need it to operate properly and lighttpd hence does not
> set it.

In that case I'd expect a solution from OpenSSL itself.
But I guess we'll have to live with this for now.

Olaf



More information about the pkg-lighttpd-maintainers mailing list