On Wed, May 20, 2015 at 09:41:57PM -0400, Chris Hill wrote: > Folks, can you pls confirm that none of the below ciphers are affected by > this bug? From my understanding, only ciphers containing DH or DHE would be > affected. > > TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA (0x62) > TLS_RSA_EXPORT1024_WITH_RC4_56_SHA > TLS_RSA_EXPORT_WITH_RC4_40_MD5 > TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 > TLS_RSA_WITH_DES_CBC_SHA > > The above are weak, no argument there, but just want to ensure these are > not vulnerable to this newly published bug.
These have no forward secrecy at all, so technically they are not affected by the DH Logjam problem. But well, they should not be used anymore anyway. CIao, Marcus _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
