It always a fine balance between supportability and security. But I find an excellent resource for deciding what ciphers i should support, Cloudflare post up their Nginx SSL Configuration publically on Github and update this whenever they change. Might be worth a look.

https://github.com/cloudflare/sslconfig/blob/master/conf

Cheers,

Fraser

On 31/01/2016, at 4:11 am, Andrew McGlashan via luv-main <luv-main@luv.asn.au> wrote:



On 31/01/2016 4:03 AM, Jason White via luv-main wrote:
Andrew McGlashan via luv-main <luv-main@luv.asn.au> wrote:
Given that TLS is now required by luv.asn.au, I think a backward-compatible
approach is appropriate. Arbitrarily excluding users of software that one
doesn't like sends the wrong kind of message.

All good and fair comments, but anyone whom lets people continue to use
IE and/or Windows XP..... well.  They WILL have to change sooner or
later and the sooner the better.  LUV won't be the only driving factor,
it is, but one.

Cheers
A.

_______________________________________________
luv-main mailing list
luv-main@luv.asn.au
http://lists.luv.asn.au/listinfo/luv-main