|
|
|
|
|
|
by jerf
4653 days ago
|
|
|
There's been a lot of recent flux in what the consensus on "best config for security" even is in the past six months. We went through a phase where RC4 was the recommended cipher, now we're mostly coming around to it being a bad idea, for instance, and that's still a thing in progress rather than totally done. |
|
|
I know I'm not the only one with half a dozen, a dozen, or dozens of web servers I am responsible for -- who realistically isn't going to keep track of what the current consensus is and go updating the ssl configuration even every six months.