That's a good point on the curve configuration for older OpenSSL. I think backwards compatibility is a good question both here, and for the list of default SSL ciphers. With the RHEL6 end-of-life approaching, is it reasonable to leave SSL settings unchanged for EL6 and before, and use the more secure SSL defaults for EL7 and beyond? That'll be a trivial change to the code. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/pull/1151#issuecomment-597188384 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1