Re: is there an API to list all the TLS 1.3 cipher suite names?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 1/8/2019 7:10 PM, Viktor Dukhovni wrote:
The intent is that you SHOULD NOT generally customize the list. All the ciphers in question are quite safe, and if the default changes, you should probably go with that, rather than a frozen time-capsule version.

Is there a good reason to want to change or freeze them at this time?


Our products allow the user to enable and disable individual ciphers, to allow for both customer policy (e.g. a customer-specific approved-cipher list) and for the possibility that one is found to be vulnerable.  They are "quite safe" today... but what about tomorrow?


-- 
Jordan Brown, Oracle Solaris
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux