So if I'm using 1.0.2, and want to deprecate 3DES, I need to do that as part of my build?
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Scott Neugroschl Sent: Thursday, May 11, 2017 11:13 AM To: openssl-users@openssl.org Subject: Re: [openssl-users] Dumb question about DES OK. Are the 3DES CBC ciphers still part of DEFAULT? From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Benjamin Kaduk via openssl-users Sent: Thursday, May 11, 2017 9:18 AM To: openssl-users@openssl.org<mailto:openssl-users@openssl.org> Subject: Re: [openssl-users] Dumb question about DES Those ciphers are triple-DES, not single-DES. (The "CBC3" gives it away ... well, not exactly.) The single-DES ciphers were removed in release 1.1.0 (they are included in the "40 and 56 bit cipher support removed from libssl" item in the release notes), though the raw crypto primitives remain in libcrypto. -Ben On 05/11/2017 11:07 AM, Scott Neugroschl wrote: Has DES been deprecated in OpenSSL? If so, what release? In particular the following ciphers 0.19 EDH-DSS-DES-CBC3-SHA 0.22 EDH-RSA-DES-CBC3-SHA 192.13 ECDH-RSA-DES-CBC3-SHA 192.3 ECDH-ECDSA-DES-CBC3-SHA 192.18 ECDHE-RSA-DES-CBC3-SHA 192.8 ECDHE-ECDSA-DES-CBC3-SHA --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users