From 77f35861d0217273b9e478f5d35bd7d8e471e14f Mon Sep 17 00:00:00 2001
From: Roman Reiss <me@silverwind.io>
Date: Sun, 15 Feb 2015 18:43:36 +0100
Subject: tls: more secure defaults

This updates the default cipher suite to an more secure list, which
prefers strong ciphers with Forward Secrecy. Additionally, it enables
`honorCipherOrder` by default.

Noteable effect of this change is that the insecure RC4 ciphers are
disabled and that Chrome negotiates a more secure ECDHE cipher.

Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/iojs/io.js/pull/826
---
 test/parallel/test-tls-dhe.js | 1 +
 1 file changed, 1 insertion(+)

(limited to 'test/parallel')

diff --git a/test/parallel/test-tls-dhe.js b/test/parallel/test-tls-dhe.js
index 8c2892040f..af0db51b67 100644
--- a/test/parallel/test-tls-dhe.js
+++ b/test/parallel/test-tls-dhe.js
@@ -26,6 +26,7 @@ function test(keylen, expectedCipher, cb) {
   var options = {
     key: key,
     cert: cert,
+    ciphers: ciphers,
     dhparam: loadDHParam(keylen)
   };
 
-- 
cgit v1.2.1