ssl-config - npm Package Compare versions

Comparing version 0.0.5 to 0.0.7

package.json

		{
		"name": "ssl-config",
		"version": "0.0.5",
		"version": "0.0.7",
		"description": "Allows you to specify SSL/TLS cipher suites based on both security and browser compatibility. ",
		@@ -5,0 +5,0 @@ "main": "index.js",

README.md

		@@ -5,2 +5,4 @@ # SSL Config

		The suite list uses [the cipher suite prioritization logic from Mozilla](https://wiki.mozilla.org/Security/Server_Side_TLS#Prioritization_logic). Since [Firefox](https://www.ssllabs.com/ssltest/viewClient.html?name=Firefox&version=35&platform=OS%20X) and [Chrome](https://www.ssllabs.com/ssltest/viewClient.html?name=Chrome&version=40&platform=OS%20X) don't support AES-GCM with 256 bit keys, a 128 bit AES key is considered superior.

		Note this package only sets cipher suites and TLS/SSL versions, other parts of the recommendations are implemented elsewhere, eg, for Express servers HSTS we recommend using [Helmet](https://www.npmjs.com/package/helmet).
		@@ -14,11 +16,11 @@

		Firefox 27, Chrome 22, IE 11, Opera 14, Safari 7, Android 4.4, Java 8 and newer.
		Requires IE 11, Firefox 27, Chrome 22, Safari 7, Android 4.4, Opera 14, Java 8 or newer.

		### intermediate

		Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7 and newer.
		Requires IE 7, Firefox 1, Chrome 1, Safari 1, Windows XP IE8, Android 2.3, Opera 5, Java 7 or newer.

		### old

		Windows XP IE6, Java 6 and newer. You really shouldn't use this setting, it is implemented for completeness.
		Windows XP IE6, Java 6 and newer. You really shouldn't use this setting, it is implemented for compatibility with Mozilla's tools.

		@@ -25,0 +27,0 @@ Eg:

New alerts