[openssl-users] Query on TLS1.2 and use of DES ciphers

Srinivas talkwithsrinivas at yahoo.co.in
Sun Jun 28 12:42:45 UTC 2015

Hello all,
I am using TLS1.2 version between the standard openssl s_server and client and cipher set to DES-CBC-SHA. The connections from the client to the server goes through sucessfully. Referring the TLS1.2 RFC @ https://www.ietf.org/rfc/rfc5246.txt, 
I see the below quote there.

Removed IDEA and DES cipher suites.  They are now deprecated and
      will be documented in a separate document.I am assuming that means all DES (including 3-DES) ciphers should be removed from TLS1.2. 
Also the above cipher is not in the list of https://www.openssl.org/docs/apps/ciphers.html#TLS-v1.2-cipher-suites. 

My question is given the above, how are my s_server and s_client able to connect through using the above cipher and TLS1.2? Is it a bug in the implementation of the s_server and s_client?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150628/eb2d0e61/attachment.html>

More information about the openssl-users mailing list