Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-08 Thread Yury Mazin via openssl-users
Viktor, Thank you. Yury From: openssl-users on behalf of Viktor Dukhovni Sent: Tuesday, September 8, 2020 10:56 AM To: openssl-users@openssl.org Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option On Tue, Sep 08, 2020

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-08 Thread Viktor Dukhovni
On Tue, Sep 08, 2020 at 05:39:51PM +, Yury Mazin via openssl-users wrote: > I have a question based on the response provided to me: > > My question is why following openssl commands (version 1.1.1f) return > those TLSv1.3 ciphers as offering no authentication and no encryption? It does

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-08 Thread Tomas Mraz
openssl-users@openssl.org > Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl > -cipher aNULL option > > On Fri, Sep 04, 2020 at 07:00:01PM +, Yury Mazin via openssl- > users wrote: > > > Thank you Benjamin, > > > > According to OpenSSL

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-08 Thread Yury Mazin via openssl-users
Mac=AEAD TLS_AES_128_GCM_SHA256 TLSv1.3 Kx=any Au=any Enc=AESGCM(128) Mac=AEAD From: Yury Mazin Sent: Friday, September 4, 2020 12:43 PM To: openssl-users@openssl.org Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL optio

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-04 Thread Yury Mazin via openssl-users
Viktor, Thank you for clarifying it. Yury From: openssl-users on behalf of Viktor Dukhovni Sent: Friday, September 4, 2020 12:10 PM To: openssl-users@openssl.org Subject: Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option On Fri

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-04 Thread Viktor Dukhovni
On Fri, Sep 04, 2020 at 07:00:01PM +, Yury Mazin via openssl-users wrote: > Thank you Benjamin, > > According to OpenSSL , aNULL stands for no-authentication. Specifically, SSL 3.0 through TLS 1.2 ciphers in which the server and client exchange no certificates, and the TLS handshake

Re: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-04 Thread Yury Mazin via openssl-users
From: Benjamin Kaduk Sent: Thursday, September 3, 2020 5:12 PM To: Yury Mazin Cc: openssl-users@openssl.org Subject: [EXTERNAL] - Re: Question about TLS 1.3 and openssl -cipher aNULL option On Thu, Sep 03, 2020 at 11:45:28PM +, Yury Mazin via openssl-users wrote: > He

Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-03 Thread Benjamin Kaduk via openssl-users
On Thu, Sep 03, 2020 at 11:45:28PM +, Yury Mazin via openssl-users wrote: > Hello, > > We have a server was originaly using OpenSSL 1.0.2h. > Server is configured to use SSL ciphers as following > ALL:!aNULL:!ADH:!EDH:!eNULL:!EXPORT > When openssl client tries to connect to this server with

Re: Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-03 Thread Viktor Dukhovni
On Thu, Sep 03, 2020 at 11:45:28PM +, Yury Mazin via openssl-users wrote: > We have a server was originaly using OpenSSL 1.0.2h. Server is > configured to use SSL ciphers as following: > > ALL:!aNULL:!ADH:!EDH:!eNULL:!EXPORT > > When openssl client tries to connect to this server with

Question about TLS 1.3 and openssl -cipher aNULL option

2020-09-03 Thread Yury Mazin via openssl-users
Hello, We have a server was originaly using OpenSSL 1.0.2h. Server is configured to use SSL ciphers as following ALL:!aNULL:!ADH:!EDH:!eNULL:!EXPORT When openssl client tries to connect to this server with command openssl s_client -connect localhost:8101-cipher aNULL it fails, because any aNULL