[stunnel-users] server does not send its cert?
lkereszt at gmail.com
Tue Feb 14 15:33:59 CET 2012
Right after I clicked the send button I've got the feeling that this is a
Thanks for the clarification!
On Tue, Feb 14, 2012 at 14:55, Michal Trojnara <Michal.Trojnara at mirt.net>wrote:
> Keresztfalvi Laszlo wrote:
>> 2012.02.14 13:13:32 LOG6[87260:136504]: Negotiated ciphers: RC4-SHA SSLv3
>> Kx=RSA Au=RSA ENC=RC4(128) Mac=SHA1
>> RC4 128-bit is not something that considered secure. I don't know why
>> this was choosen but probably this caused that FIPS mode rejected the
> Contrary to popular belief, RC4-SHA is probably the most secure
> ciphersuite available in SSL/TLS. In fact RC4 is the only SSL algorithm
> not vulnerable to the BEAST attack:
> On the other hand it is easy to use RC4 in an insecure way. Many products
> and protocols were broken because RC4 was used incorrectly. This is *not*
> the case for SSL/TLS. No practical attacks are currently known against
> RC4-based SSL/TLS.
> stunnel-users mailing list
> stunnel-users at stunnel.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the stunnel-users