The SSL attack known as BEAST (https://community.qualys.com/blogs/securitylabs/2011/10/17/mitigating-the-beast-attack-on-tls) can be countered with recent IO::Socket::SSL releases. Documentation about it is in the IO::Socket::SSL manpage.
The missing piece for Perlbal is the passthrough mechanism for ssl_honor_cipher_order which I added in my fork. Tested with the help of https://www.ssllabs.com/ssltest/analyze.html
add support for ssl_honor_cipher_order
Wouldn't it be better to turn it on by default?
Since the maintainer of IO::Socket::SSL chose to not make it the default, I wanted to follow his reasoning. He has this separate option, OpenSSL has this separate option, Apache has it too, so it might cause more confusion when Perlbal tries to be different.
In https://rt.cpan.org/Ticket/Display.html?id=76929 Steffen comments on this question. Search for 'Therefore I don't like the workaround included by default.'