[openssl-dev] [openssl.org #4205] Improve the default TLS session ticket key
TJ Saunders via RT
rt at openssl.org
Sat Dec 26 20:28:46 UTC 2015
The default TLS session ticket key used by OpenSSL uses
AES128-CBC-SHA256; considering the security offered by newer
ciphersuites, the TLS session ticket key algorithm should be
updated/improved, at least to AES256-CBC-SHA256. See:
https://github.com/openssl/openssl/issues/514
Cheers,
TJ
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list