[openssl-users] is there an API to list all the TLS 1.3 cipher suite names?
Jordan Brown
openssl at jordan.maileater.net
Wed Jan 9 03:27:44 UTC 2019
On 1/8/2019 7:10 PM, Viktor Dukhovni wrote:
> The intent is that you SHOULD NOT generally customize the list. All
> the ciphers in question are quite safe, and if the default changes,
> you should probably go with that, rather than a frozen time-capsule
> version.
>
> Is there a good reason to want to change or freeze them at this time?
>
Our products allow the user to enable and disable individual ciphers, to
allow for both customer policy (e.g. a customer-specific approved-cipher
list) and for the possibility that one is found to be vulnerable. They
are "quite safe" today... but what about tomorrow?
--
Jordan Brown, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190109/7851fb73/attachment.html>
More information about the openssl-users
mailing list