[Sks-devel] Recommended HKPS protocols & ciphersuites?

sks-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] Recommended HKPS protocols & ciphersuites?

From:	Pete Stephenson
Subject:	[Sks-devel] Recommended HKPS protocols & ciphersuites?
Date:	Sun, 03 Aug 2014 21:29:49 +0200
User-agent:	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0

Hi all,

For those running HKPS-enabled servers in the pool, what protocols and
ciphersuites do you use?

I'd hope that it'd be safe these days to disable SSLv2. How about SSLv3?
RC4?

I'd like to provide a reasonable fallback to older clients that don't
support modern ciphers, but without jeopardizing the security of modern
clients that do.

It appears gnupg-curl on Debian systems supports DHE-RSA-AES256-SHA256
and TLS 1.2. A random HKPS query to my server used TLSv1.2 and
ECDHE-RSA-AES256-GCM-SHA384, which is promising.

Any recommendations?

Cheers!
-Pete

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Sks-devel] Recommended HKPS protocols & ciphersuites?, Pete Stephenson <=
- Re: [Sks-devel] Recommended HKPS protocols & ciphersuites?, David Benfell, 2014/08/03
  - Re: [Sks-devel] Recommended HKPS protocols & ciphersuites?, Pete Stephenson, 2014/08/03
    - Re: [Sks-devel] Recommended HKPS protocols & ciphersuites?, David Benfell, 2014/08/03

Prev by Date: Re: [Sks-devel] Moving SKS to a different host
Next by Date: Re: [Sks-devel] Please add me to your 'membership'
Previous by thread: [Sks-devel] Moving SKS to a different host
Next by thread: Re: [Sks-devel] Recommended HKPS protocols & ciphersuites?
Index(es):
- Date
- Thread