-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Tim,
On 5/26/14, 5:43 PM, Tim Whittington wrote:
On 27/05/2014, at 6:09 am, Christopher Schultz
ch...@christopherschultz.net wrote:
snip
If you run the code I referenced elsewhere in this thread, you'll
see that some of the components
Documentation aside, none of these cipher-suites are supported in Oracle
Java 7.
The AES_CBC ciphers I had there are supported in Java 7.
I have already concluded as much regarding the AES_x_GCM. Using Java 8 one
have access to these higher GCM ciphers, but only very few obscure browsers
On 26/05/2014, at 6:58 pm, Sverre Moe sverre@gmail.com wrote:
Documentation aside, none of these cipher-suites are supported in Oracle
Java 7.
The AES_CBC ciphers I had there are supported in Java 7.
I have already concluded as much regarding the AES_x_GCM. Using Java 8 one
have
Latest versions of Firefox and Chrome (and others I suspect) use GCM
ciphers (gmail seems to prefer them for example).
Yes, but it only supports AES_128_GCM_SHA256.
No Chromium support for AES_256_GCM_SHA384. Neither does it support
SHA256/SHA384 for AES_X_CBC.
You don’t have to accept the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Tim,
On 5/25/14, 9:34 PM, Tim Whittington wrote:
On 21/05/2014, at 10:21 pm, Sverre Moe sverre@gmail.com
wrote:
snip
ciphers=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sverre,
On 5/26/14, 5:42 AM, Sverre Moe wrote:
Latest versions of Firefox and Chrome (and others I suspect) use
GCM
ciphers (gmail seems to prefer them for example). Yes, but it only
supports AES_128_GCM_SHA256. No Chromium support for
AES GCM mode is not in Java 7, that is right. These higher cipher suites
are supported and implemented in Java 8. There is just that none of the
major browsers support them.
*http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html#SupportedCipherSuites
On 27/05/2014, at 6:09 am, Christopher Schultz ch...@christopherschultz.net
wrote:
snip
If you run the code I referenced elsewhere in this thread, you'll see
that some of the components are available, just not in the
combinations you have above:
$ java -showversion -classpath build/
On 21/05/2014, at 10:21 pm, Sverre Moe sverre@gmail.com wrote:
snip
ciphers=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA265,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA256
/
Documentation aside, none of these cipher-suites are
When using JSSE it seems the cipher order is predetermined.
http://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html
cipher suites supported by SunJSSE in preference order and the release in
which they were introduced.
2014-05-24 1:15 GMT+02:00 Igor Cicimov
I have found out that the connector can use these ciphers, but Chromium
can't.
I wrote a small Java program that makes a HttpsConnection with Tomcat
without problem.
Output with -Djavax.net.debug=ssl
main, WRITE: TLSv1.2 Change Cipher Spec, length = 1
*** Finished
verify_data: { 167, 191, 12,
NSA: So, how much do you want to not actually *use* string ciphers with
perfect forward secrecy?
Mozilla,Google,Opera,et-al: Hey, that's a business model RIGHT THERE!
How much do you even have?
NSA: How about, not being put out of business permanently, family members
keeping up their low
I am using the following ciphers in Tomcat:
On 23/05/2014 5:43 PM, Sverre Moe sverre@gmail.com wrote:
I am using the following ciphers in Tomcat:
NIO does support them according to the java documentation. These ciphers
have been implemented in the JSSE provider.
I have no problem making a connection to Tomcat via a Java program using a
HttpsConnection and are getting the highest cipher (TLS_ECDHE_RSA_WITH_
AES_256_GCM_SHA384).
2014-05-23
On 24/05/2014 1:15 AM, Sverre Moe sverre@gmail.com wrote:
NIO does support them according to the java documentation.
I was refering to cipher order and tomcat7 connector documentation where
only the apr connector supports the option SSLHonorCipherOrder
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Sverre,
On 5/21/14, 6:21 AM, Sverre Moe wrote:
I have tried running Tomcat with Java 7 and Java 8. Both of these
should support CBC_SHA256 and CBC_SHA384, but only Java 8 supports
GCM_SHA384. I have downloaded the Java cryptographic extensions
On 21/05/2014 8:22 PM, Sverre Moe sverre@gmail.com wrote:
I installed Tomcat-7 7.0.42 in OpenSUSE 13.1, configured support for
TLSv1.2. I then configured a list of strong ciphers only, that I wanted to
use.
Connector port=8443
protocol=org.apache.coyote.http11.Http11NioProtocol
I installed Tomcat-7 7.0.42 in OpenSUSE 13.1, configured support for
TLSv1.2. I then configured a list of strong ciphers only, that I wanted to
use.
Connector port=8443
protocol=org.apache.coyote.http11.Http11NioProtocol maxThreads=150
clientAuth=false SSLEnabled=true scheme=https secure=true
Setting only these ciphers in the JSSE connector:
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
I wrote a small Java program that makes a HttpsConnection. With it I have
no problem making a connection and getting these ciphers. So how come it
doesn't work in any
It looks to me that Chromium does not support the strongest ciphers.
The strongest/highest cipher available is
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
No support for SHA384 and no AES_256_GCM
https://www.ssllabs.com/ssltest/viewMyClient.html
Cipher Suites (in order of
21 matches
Mail list logo