\subsubsection{nginx}
\begin{description}
-\item[Tested with Version:]
+\item[Tested with Version:] 1.4.4 with OpenSSL 1.0.1e on OS X Server 10.8.5
\todo{version?}
%% XXX FIXME: do we need to specify dhparams? Parameter: ssl_dhparam = file. See: http://wiki.nginx.org/HttpSslModule#ssl_protocols
+It is recommended to specify your own Diffie-Hellman Parameters file of at least the same bit size as your RSA key. Eg. use no less than 2048bit DH parameters with a 2048bit RSA key.
+\begin{lstlisting}[breaklines]
+ ssl_dhparam file;
+\end{lstlisting}
+
+
\item[Additional settings:]
If you decide to trust NIST's ECC curve recommendation, you can add the following line to nginx's configuration file to select special curves: