This repository has been archived by the owner on Feb 16, 2021. It is now read-only.
Include reasoning why certain ciphers should be removed #80
Comments
|
We should also revisit the Modern policy for SSH and provide justifications for each and maybe even get some community vetting of the list. This could be a good discussion point for next week in SFO over beverages_of_choice. |
|
/cc @gdestuynder you game? |
|
Don't block this on that, but Modern's already been under review for some time now in a bug open on their side. |
|
/cc @jvehent interested? |
|
Yeah i think we have a similar "issue" with TLS guidelines, where we basically make an opinionated choice on what list you need to be following the standard we set. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Source: https://twitter.com/fugueish/status/876891820134813696
Currently, we suggest removal for cases where a cipher is not in the policy. Perhaps we need to be more specific about why a cipher is not part of a given policy.
The text was updated successfully, but these errors were encountered: