aboutsummaryrefslogtreecommitdiffstats
path: root/doc/manual/tls.rst
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2016-11-16 12:05:34 -0500
committerJack Lloyd <[email protected]>2016-11-17 13:56:25 -0500
commit74cf1686b727d9b41781df66f3f74d63b9c5cfe2 (patch)
treec5127473f7676763202cf79837bd4328c903a21d /doc/manual/tls.rst
parent97df0c27b878d77799353ccc9eda9705b1ec1fa4 (diff)
Add CECPQ1 TLS ciphersuites
Tested against BoringSSL (as client + server) and google.com (as client). Fix a stupid crashing bug in NewHope's BoringSSL mode. Remove unneeded error return from curve25519_donna - always returned 0. Default policy prefers ChaChaPoly1305 over GCM and CECPQ1 over ECDH/DH, which means the default no-extra-configuration ciphersuite (for Botan client speaking to Botan server) is a ciphersuite which is both implemented in constant time on all platforms and (hopefully) provides post quantum security. Good Things.
Diffstat (limited to 'doc/manual/tls.rst')
-rw-r--r--doc/manual/tls.rst4
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/manual/tls.rst b/doc/manual/tls.rst
index 24dc5093a..973b8ff0f 100644
--- a/doc/manual/tls.rst
+++ b/doc/manual/tls.rst
@@ -522,7 +522,7 @@ policy settings from a file.
Cipher names without an explicit mode refers to CBC+HMAC ciphersuites.
- Default value: "AES-256/GCM", "AES-128/GCM", "ChaCha20Poly1305",
+ Default value: "ChaCha20Poly1305", "AES-256/GCM", "AES-128/GCM",
"AES-256/CCM", "AES-128/CCM", "AES-256", "AES-128"
Also allowed: "AES-256/CCM(8)", "AES-128/CCM(8)",
@@ -567,7 +567,7 @@ policy settings from a file.
Returns the list of key exchange methods we are willing to use,
in order of preference.
- Default: "ECDH", "DH"
+ Default: "CECPQ1", "ECDH", "DH"
Also allowed: "RSA", "SRP_SHA", "ECDHE_PSK", "DHE_PSK", "PSK"