[openssl-users] FIPS: SSL 3.0 now forbidden in latest NDCPP update
jonetsu at teksavvy.com
Tue Apr 28 13:23:14 UTC 2015
> SSLv3 in the ciphersuite definition means it can be used in
> SSLv3 *and later*. A ciphersuite isn't defined once for SSLv3,
> and then again for TLS1.0, and again for TLS1.1 etc - its just
> defined once and is reused across multiple protocol versions.
Yes, this is what I basically understood. What was lacking then in my
undestanding, is that :
% OPENSSL_FIPS=1 openssl ciphers -v
Will not output strictly according to FIPS. Maybe there's no easy way to do
that when the definition of a cipher states otherwise.
View this message in context: http://openssl.6102.n7.nabble.com/FIPS-SSL-3-0-now-forbidden-in-latest-NDCPP-update-tp57695p57764.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
More information about the openssl-users