31 Jan
2016
31 Jan
'16
3:26 p.m.
Fraser McGlinn via luv-main <luv-main@luv.asn.au> wrote:
It always a fine balance between supportability and security. But I find an excellent resource for deciding what ciphers i should support, Cloudflare post up their Nginx SSL Configuration publically on Github and update this whenever they change. Might be worth a look.
https://github.com/cloudflare/sslconfig/blob/master/conf <https://github.com/cloudflare/sslconfig/blob/master/conf>
Thanks - that's very useful. I note a preference for elliptic curve cryptography (ECDH).