Stitched vs non-Stitched Ciphersuites
Matt Caswell
matt at openssl.org
Wed Feb 27 16:42:37 UTC 2019
On 27/02/2019 16:33, Sam Roberts wrote:
> On Tue, Feb 26, 2019 at 8:42 AM Matt Caswell <matt at openssl.org> wrote:
>>> What about AEAD ciphers? Are they considered "stitched"?
>>
>> No, they are not "stitched" but they are not impacted by this issue. We should
>> probably make that clearer in the advisory.
>
> That would be helpful!
It has been updated:
https://www.openssl.org/news/secadv/20190226.txt
>
> Even though this is fixed, would the general advice still be "avoid
> CBC in favour of AESCCM and AESGCM when using TLS1.2"? Or update to
> TLS1.3.
IMO, and in order:
- TLSv1.3 is preferable to TLSv1.2
- in TLSv1.2 forward secret ciphersuites are preferable to non-forward secret ones
- in TLSv1.2 using an AEAD based ciphersuite is preferable to a CBC one
Probably there is a whole bunch of other stuff that should be added to that list
- but I'm sure others will chip in with their advice :-)
Matt
More information about the openssl-users
mailing list