On Fri, May 6, 2016 at 9:33 AM, Brian Smith <br...@briansmith.org> wrote: > So, I don't think that dropping AES-256 is the right thing to do. Instead, > the ECDHE-AES-256-GCM cipher suites should be added to Firefox. Note that > they were just recently added to Google Chrome.
These are also coming to NSS, likely in 3.25 (Firefox 49 if everything goes to plan). Supporting different PRF hashes (we need SHA-384 for those suites) turns out to be a little bit intrusive. -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto