lvh
commented
10 years ago I've marked this as a bug because it's sufficiently stupid, even though some people might consider this an enhancement.
Closed lvh closed 10 years ago
lvh
commented
10 years ago I've marked this as a bug because it's sufficiently stupid, even though some people might consider this an enhancement.
Right now it's just the OpenSSL defaults, which probably includes nasty things like MD5, RC4 and (single) DES. There is no sane reason why we should support this, especially since we control the clients as well as the servers.
(The reason for not using ECC is because people still have machines with crappy libopenssl versions, and shipping libopenssl is harder than not shipping libopenssl)