Table of Contents
Advertisement
180 Supported Ciphers
Modifying a Cipher List
Starting from the RC4:ALL:!DH cipher list, an example of a slightly
modified cipher list can be: RC4:ALL:!EXPORT:!DH
This example will remove all EXPORT ciphers, besides the DH related
cipher suites. Removing the EXPORT ciphers means that all ciphers using
either 40 or 56 bits symmetric ciphers are removed from the list. This
means that browsers running export controlled crypto software cannot
access the server.
Using the OpenSSL command line tool (on a UNIX machine), it is possible
to check which cipher suites a particular cipher list corresponds to. The
preceding example yields the following output:
Copyright © 2007-2008 Nortel Networks
.
Nortel VPN Gateway
User Guide
NN46120-104 02.01 Standard
14 April 2008
Advertisement
Table of Contents
