diff options
| author | Emilia Kasper <emilia@openssl.org> | 2016-03-03 19:50:03 +0100 |
|---|---|---|
| committer | Emilia Kasper <emilia@openssl.org> | 2016-03-07 16:53:42 +0100 |
| commit | a556f342201473b4bf8dbf879b03890a74e412b6 (patch) | |
| tree | 76527cf039cfd054c6a2c9f4a0008f4feaa7c403 /CHANGES | |
| parent | Makefile.in: populate [PLIB_]LDFLAG even with $target{} settings. (diff) | |
| download | openssl-a556f342201473b4bf8dbf879b03890a74e412b6.tar.xz openssl-a556f342201473b4bf8dbf879b03890a74e412b6.zip | |
Rework the default cipherlist.
- Always prefer forward-secure handshakes.
- Consistently order ECDSA above RSA.
- Next, always prefer AEADs to non-AEADs, irrespective of strength.
- Within AEADs, prefer GCM > CHACHA > CCM for a given strength.
- Prefer TLS v1.2 ciphers to legacy ciphers.
- Remove rarely used DSS, IDEA, SEED, CAMELLIA, CCM from the default
list to reduce ClientHello bloat.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'CHANGES')
| -rw-r--r-- | CHANGES | 9 |
1 files changed, 9 insertions, 0 deletions
@@ -4,6 +4,15 @@ Changes between 1.0.2g and 1.1.0 [xx XXX xxxx] + *) Changes to the DEFAULT cipherlist: + - Prefer (EC)DHE handshakes over plain RSA. + - Prefer AEAD ciphers over legacy ciphers. + - Prefer ECDSA over RSA when both certificates are available. + - Prefer TLSv1.2 ciphers/PRF. + - Remove DSS, SEED, IDEA, CAMELLIA, and AES-CCM from the + default cipherlist. + [Emilia Käsper] + *) Change the ECC default curve list to be this, in order: x25519, secp256r1, secp521r1, secp384r1. [Rich Salz] |