On 31 May 2017 08:45:23 -0600, "Andy Bradford" said:
Is it possible for the client (nmh) to control which ciphers it will
negotiate with the server? I think it makes sense to leave TLS 1.0 in
there as long as the client has control over which ciphers it uses.
TLS 1.0 has known issues even if the most secure ciphers available in 1.0
are selected. It can get whacked by both BEAST and POODLE, among other
things I didn't bother googling...
pgpIUKzz47FPb.pgp
Description: PGP signature
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers