On Tue, Dec 16, 2014 at 04:23:24AM +0100, Hanno B?ck wrote: > > On Tue, Dec 16, 2014 at 02:18:40AM +0100, Hanno B?ck wrote: > > > > > Firefox and Chrome support authenticated encryption via TLS 1.2 and > > > GCM these days. However they have for some reason decided not to > > > support AES-256 but only AES-128. > > > > In which case, they will never use AES-256, and yet: > > No, you understood that wrong: They decided to not support AES-256 for > CGM. For CBC they support both 128/256.
In that case indeed many servers will choose CBC at 256 bits over GCM at 128. This is a browser configuration issue, and should be addressed there. > And yes, my initial mail was a bit confused (server chooses, not > client), still the result is the same: For very common settings it > happens that browsers choose cbc if gcm would be available (just > point chrome to https://www.openssl.org to see it). The browsers need to fix their settings, but there are many competing factors here, and perhaps they have good reasons for the choices they made. -- Viktor. _______________________________________________ openssl-dev mailing list [email protected] https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
