diff options
| author | Jack Lloyd <[email protected]> | 2017-11-05 11:33:31 -0500 |
|---|---|---|
| committer | Jack Lloyd <[email protected]> | 2017-11-05 11:34:21 -0500 |
| commit | 70b5a6ac8e8787d38286edcd5dd9135bd32125b0 (patch) | |
| tree | 7b27a92ebac5b78a7299b9dc5a3640b41606a05b | |
| parent | 6a4ef2e84d321da042e67afcd6e6f93cb198d4cb (diff) | |
Additionally deprecate static RSA key exchange.
It complicates the state machine and has severe security problems.
(Not just missing PFS, but also exposing a decryption oracle that
otherwise is not available.)
[ci skip]
| -rw-r--r-- | doc/deprecated.txt | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/doc/deprecated.txt b/doc/deprecated.txt index 82505566f..9ad99a69d 100644 --- a/doc/deprecated.txt +++ b/doc/deprecated.txt @@ -15,11 +15,13 @@ in the source. - Platform support for BeOS and IRIX operating systems -- 3DES and SEED ciphersuites in TLS +- TLS: 3DES and SEED ciphersuites -- Anonymous DH/ECDH ciphersuites in TLS +- TLS: Anonymous DH/ECDH ciphersuites -- DSA ciphersuites/certs in TLS +- TLS: DSA ciphersuites/certs + +- TLS: static RSA key exchange ciphersuites - Block ciphers CAST-256, Kasumi, MISTY1, and DESX. |