On 11/01/2013 01:43 AM, Brian Smith wrote:
> On Fri, Nov 1, 2013 at 1:28 AM, Jeff Hodges <j...@somethingsimilar.com> wrote:
>>   /* New non-experimental openly spec'ed versions of those cipher suites. */
>>   #define SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA 0xfeff
>>   #define SSL_RSA_FIPS_WITH_DES_CBC_SHA       0xfefe
>>
>> Does anyone know what spec this cipher suite came from? And, perhaps, why
>> it's still a good idea to be in the client hello? This last question I ask
>> very gently and out of curiosity.
> See 
> http://www-archive.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html
>
> Based on reading that, these cipher suites seem to be a way to
> backport the TLS 1.0 PRF to SSL 3.0 after NIST decided that the SSL
> 3.0 PRF was unacceptable, back when TLS 1.0 was still new and shiny. I
> agree it makes sense to remove it from Firefox's ClientHello and we
> already have plans for that. See
> https://briansmith.org/browser-ciphersuites-01.html.
Brian's exactly right. These ciphers were added to allow FIPS validation
of an NSS engine that could only do SSL3, not TLS 1.0. With TLS 1.0,
these ciphers are no longer needed, and quite rightly should be removed
from the ff client hello.

bob
>
> Cheers,
> Brian



-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
