OpenSSL 3.0.0 enabling SSLv3 support
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Oct 7 15:53:02 UTC 2021
On Thu, Oct 07, 2021 at 09:38:30AM -0500, Mark Hack wrote:
> Added to all the weaknesses in SSLv3, the only supported cipher suites
> are either vulnerable or deprecated and not advisable.
If we set aside browsers where CBC padding oracles are a problem, the
below are in practice still reasonably strong in most other
applications.
ECDHE-RSA-AES256-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
And yet, SSLv3 should still not be used, because it does not support
extensions, so no SNI, no protection against insecure renegotiation, ...
--
Viktor.
More information about the openssl-users
mailing list