diff options
| author | Mathieu Pasquet <mathieui@mathieui.net> | 2014-01-15 18:28:23 +0100 |
|---|---|---|
| committer | mathieui <mathieui@mathieui.net> | 2014-02-13 00:50:32 +0100 |
| commit | 05a9e03d5392103e2e17b0d3da58532ef5b3f671 (patch) | |
| tree | 7123242ce8f943ee4f98e2a6dbf44e15cb1ca906 /data/default_config.cfg | |
| parent | 7e3efccb537ae11e9550ddf14ea6ca4ba472804a (diff) | |
| download | poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.gz poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.bz2 poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.tar.xz poezio-05a9e03d5392103e2e17b0d3da58532ef5b3f671.zip | |
Add a configurable way of setting cipher suites
And put reasonable defaults
Diffstat (limited to 'data/default_config.cfg')
| -rw-r--r-- | data/default_config.cfg | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/data/default_config.cfg b/data/default_config.cfg index ace8907a..17d74745 100644 --- a/data/default_config.cfg +++ b/data/default_config.cfg @@ -41,11 +41,17 @@ resource = # Make sure the server you're using accepts anonymous authentication server = anon.jeproteste.info -# SSL Certificate fingerprint +# TLS Certificate fingerprint # Do not touch this if you don’t know what you are doing certificate = -# Skip the SSL certificate fingerprint verification +# List of ciphers allowed when connecting to the server, +# this list prioritizes forward secrecy and forbids anything +# weaker than 128 bits. +# You should probably leave it as it is +ciphers = HIGH+kEDH:HIGH+kEECDH:HIGH:!PSK:!SRP:!3DES:!aNULL + +# Skip the TLS certificate fingerprint verification # Should be false in most cases, as you want to check that the server keeps # the same certificate. ignore_certificate = false |