> SSLv3 in the ciphersuite definition means it can be used in > SSLv3 *and later*. A ciphersuite isn't defined once for SSLv3, > and then again for TLS1.0, and again for TLS1.1 etc - its just > defined once and is reused across multiple protocol versions. Yes, this is what I basically understood. What was lacking then in my undestanding, is that : % OPENSSL_FIPS=1 openssl ciphers -v Will not output strictly according to FIPS. Maybe there's no easy way to do that when the definition of a cipher states otherwise. Thanks. -- View this message in context: http://openssl.6102.n7.nabble.com/FIPS-SSL-3-0-now-forbidden-in-latest-NDCPP-update-tp57695p57764.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
