Alan Orth
10cbf75c27
An attack on Triple DES was recently published[0]. It's not a very high severity attack but the fact is that Triple DES is very old and there are much better ciphers to use, like AES and ChaCha20. I logged the ciphers that were negotiated on all of my vhosts over a period of 72 hours and there were zero occurences of Triple DES, so I am removing it, as suggested by the authors of the attack as well as OpenSSL[1]. [0] https://sweet32.info [1] https://www.openssl.org/blog/blog/2016/08/24/sweet32/ |
||
---|---|---|
.. | ||
all |