[docs] add !kPSK to the cipher string recommendation as the comments before already mention

From: Stefan Bühler <stbuehler@web.de> git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2933 152afb58-edef-0310-8abb-c4023f1b3aa9
2014-01-20 12:07:36 +00:00 · 2014-01-20 12:07:36 +00:00 · 3ca6adc233
parent d7c90814c3
commit 3ca6adc233
1 changed files with 2 additions and 2 deletions
--- a/doc/config/lighttpd.conf
+++ b/doc/config/lighttpd.conf
@ -411,11 +411,11 @@ server.upload-dirs = ( "/var/tmp" )
 ##     #   so you might want to support 3DES for now - just remove the '!3DES' parts below).
 ##     # - The examples below prefer ciphersuites with "Forward Secrecy" (and ECDHE over DHE (alias EDH)), remove '+kEDH +kRSA'
 ##     #   if you don't want that.
-##     # - SRP and PSK are not supported anyway, excluding those just keeps the list smaller (easier to review)
+##     # - SRP and PSK are not supported anyway, excluding those ('!kSRP !kPSK') just keeps the list smaller (easier to review)
 ##     # Check your cipher list with: openssl ciphers -v '...' (use single quotes as your shell won't like ! in double quotes)
 ##     #
 ##     # If you know you have RSA keys (standard), you can use:
-##     ssl.cipher-list             = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP"
+##     ssl.cipher-list             = "aRSA+HIGH !3DES +kEDH +kRSA !kSRP !kPSK"
 ##     # The more generic version (without the restriction to RSA keys) is
 ##     # ssl.cipher-list           = "HIGH !aNULL !3DES +kEDH +kRSA !kSRP !kPSK"
 ##     #