Use Mozilla's intermediate cipher suites set by default.

Nick Lowe nick.lowe at gmail.com
Tue Nov 18 18:10:22 CET 2014


Phil,

I agree with you to the extent that simply modifying the default
configuration file to define a cipher_list would be a rather poor idea as
it would stick around as best practices change.

I think the right approach is to change the behaviour of FreeRADIUS so that
it sets a sane cipher suites configuration where cipher_list isn't defined
in eap.conf.

As new releases of FreeRADIUS come out, this can be easily changed as
becomes necessary as best practices change.

Nick
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141118/ef9df306/attachment.html>


More information about the Freeradius-Users mailing list