[openssl-dev] [openssl.org #2610] Bug(?): both the "!SSLv3" and the "!TLSv1" cipher strings seem to mutually delete the ciphersuites from the other set as well

Not a bug. It's when the ciphers were first defined, not the name of them. -- Rich Salz, OpenSSL dev team; rs...@openssl.org ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: CIPHER STRINGS

- Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Tuesday, 14 October, 2014 6:39:11 AM Subject: Re: CIPHER STRINGS On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org

Re: CIPHER STRINGS

On 10/14/14 16:47, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Tuesday, 14 October, 2014 6:39:11 AM Subject: Re: CIPHER STRINGS On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com

Re: CIPHER STRINGS

- Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Monday, 13 October, 2014 5:38:28 AM Subject: Re: CIPHER STRINGS On 10/13/14 01:13, Viktor Dukhovni wrote: On Sun, Oct 12, 2014 at 11:36:01PM +0530, dE wrote: A command line tool. Like openssl

Re: CIPHER STRINGS

On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Monday, 13 October, 2014 5:38:28 AM Subject: Re: CIPHER STRINGS On 10/13/14 01:13, Viktor Dukhovni wrote: On Sun, Oct 12, 2014 at 11:36:01PM +0530, dE wrote

Re: CIPHER STRINGS

On 10/14/14 10:09, dE wrote: On 10/13/14 17:09, Hubert Kario wrote: - Original Message - From: dE de.tec...@gmail.com To: openssl-dev@openssl.org Sent: Monday, 13 October, 2014 5:38:28 AM Subject: Re: CIPHER STRINGS On 10/13/14 01:13, Viktor Dukhovni wrote: On Sun, Oct 12, 2014 at 11

CIPHER STRINGS

Hi. I was reading the openssl ciphers command, where I would like to suggest something for the CIPHER STRINGS. Currently all possible cipher strings are listed in the man page with each of their names having a description which may or may not specify if it's an authentication, encryption

Re: CIPHER STRINGS

Hello! Have you seen: `openssl ciphers -v` output? Cheers, Fedor. On Sun, Oct 12, 2014 at 8:13 PM, dE de.tec...@gmail.com wrote: Hi. I was reading the openssl ciphers command, where I would like to suggest something for the CIPHER STRINGS. Currently all possible cipher strings are listed

Re: CIPHER STRINGS

On Sun, Oct 12, 2014 at 08:33:58PM +0400, Fedor Indutny wrote: Have you seen: `openssl ciphers -v` output? This does not list the cipher string building blocks that represent classes of cipher suites rather than an individual cipher suite. Perhaps the OP wants to be able to list these:

Re: CIPHER STRINGS

On 10/12/14 22:15, Viktor Dukhovni wrote: On Sun, Oct 12, 2014 at 08:33:58PM +0400, Fedor Indutny wrote: Have you seen: `openssl ciphers -v` output? This does not list the cipher string building blocks that represent classes of cipher suites rather than an individual cipher suite. Perhaps

Re: CIPHER STRINGS

On Sun, Oct 12, 2014 at 11:36:01PM +0530, dE wrote: A command line tool. Like openssl list-ciphersuits My own preference in this case is complete and accurate documentation. This'll also avoid updating the man page with long descriptive text. Even if a command-line tool is created, complete

Re: CIPHER STRINGS

On 10/13/14 01:13, Viktor Dukhovni wrote: On Sun, Oct 12, 2014 at 11:36:01PM +0530, dE wrote: A command line tool. Like openssl list-ciphersuits My own preference in this case is complete and accurate documentation. This'll also avoid updating the man page with long descriptive text. Even

Re: CIPHER STRINGS

On Mon, Oct 13, 2014 at 09:08:28AM +0530, dE wrote: Even if a command-line tool is created, complete and accurate documentation is not optional. Problem with the documentation is that it's not complete. Many of these don't specify what does the algo do (auth, digest etc...). That's the

[openssl.org #3299] Allow setting custom cipher strings in the openssl config file.

From e3ceaac2c8a5380aee753ec391a1d5ea5ae46fad Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos n...@redhat.com Date: Tue, 8 Apr 2014 10:36:05 +0200 Subject: [PATCH 1/2] Allow setting custom cipher strings in the openssl config file. When the PROFILE=KEYWORD is specified as a cipher string

RE: [openssl.org #3299] Allow setting custom cipher strings in the openssl config file.

: [openssl.org #3299] Allow setting custom cipher strings in the openssl config file. When the PROFILE=KEYWORD is specified as a cipher string, openssl will expand the keyword to the defined cipher string in the configuration file under section cipher_profiles. That requires the default (or any

[openssl.org #2610] Bug(?): both the !SSLv3 and the !TLSv1 cipher strings seem to mutually delete the ciphersuites from the other set as well

/ciphers.html SSL v3.0 cipher suite names start with SSL_, TLS v1.0 cipher suite names start with TLS_. If that is true, then it does not seem to be proper operation to remove both SSLv3 and TLSv1 cipher suites from the cipher suite list if only one of the cipher strings (!SSLv3 xor !TLSv1