unread
A couple of final changes to the TLS RFC ...
- Encrypted server streams are now fully capable of forward secrecy (PFS).
I don't know how many people besides myself are really doing serious
production work with encrypted PHP servers but this addition is a big win
for anyone who is :)
https://wiki.php.net/rfc/improved-tls-defaults#forward_secrecy_for_servers
- As per previous discussions on the list the default cipher list is now
basically the same as the Mozilla recommendations
I would encourage anyone who'd like to try out these changes to merge the
patch linked on the RFC page directly into a 5.6 branch:
https://wiki.php.net/rfc/improved-tls-defaults#patches_and_tests
As always, thanks for your time. Voting will begin early/mid next week!
- Daniel