On Fri, Nov 1, 2013 at 1:28 AM, Jeff Hodges <j...@somethingsimilar.com> wrote:
> /* New non-experimental openly spec'ed versions of those cipher suites. */
> #define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff
> #define SSL_RSA_FIPS_WITH_DES_CBC_SHA 0xfefe
>
> Does anyone know what spec this cipher suite came from? And, perhaps, why
> it's still a good idea to be in the client hello? This last question I ask
> very gently and out of curiosity.

See http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html

Based on reading that, these cipher suites seem to be a way to backport the TLS 1.0 PRF to SSL 3.0 after NIST decided that the SSL 3.0 PRF was unacceptable, back when TLS 1.0 was still new and shiny.

I agree it makes sense to remove it from Firefox's ClientHello and we already have plans for that. See https://briansmith.org/browser-ciphersuites-01.html.

Cheers,
Brian
--
Mozilla Networking/Crypto/Security (Necko/NSS/PSM)
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto