About

Although these settings provide maximum security they might also have the side effect of breaking backward compatibility with applications that have not been upgraded to support the latest bleeding edge security. That being said the configurations should be used with caution when backward compatibility might be preferred such as E-Mail systems (postfix, dovecot, Cyrus IMAP, etc).

The following is an archive of Remy van Elst' Cipherli.st (Darknet) that documents how to configure various servers to use only the strongest encryption cipher configuration. The rationale used is the following:

  • attempt to use only TLSv1.3 (and reject TLSv1.0,1.1,1.2 as well as SSL that is susceptible to the POODLE series of attacks and derivatives),
  • use only elliptic curve ciphers and hashes

Index


fuss/strong_ciphers.txt ยท Last modified: 2022/04/19 08:28 by 127.0.0.1

Access website using Tor Access website using i2p Wizardry and Steamworks PGP Key


For the contact, copyright, license, warranty and privacy terms for the usage of this website please see the contact, license, privacy, copyright.