[openssl-users] is there an API to list all the TLS 1.3 cipher suite names?

Jordan Brown openssl at jordan.maileater.net
Wed Jan 9 03:27:44 UTC 2019

On 1/8/2019 7:10 PM, Viktor Dukhovni wrote:
> The intent is that you SHOULD NOT generally customize the list. All
> the ciphers in question are quite safe, and if the default changes,
> you should probably go with that, rather than a frozen time-capsule
> version.
> Is there a good reason to want to change or freeze them at this time?

Our products allow the user to enable and disable individual ciphers, to
allow for both customer policy (e.g. a customer-specific approved-cipher
list) and for the possibility that one is found to be vulnerable.  They
are "quite safe" today... but what about tomorrow?

Jordan Brown, Oracle Solaris

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190109/7851fb73/attachment.html>

More information about the openssl-users mailing list