Alright, I'm satisfied that OpenSSL as used in DC++ sufficiently addresses this issue such that I'll add ECDHE-ECDSA-AES128-GCM-SHA256 and ECDHE-ECDSA-AES128-SHA.
However, what additional value does ECDHE-ECDSA-AES128-SHA256 add? It's CBC, rather than AEAD [1], and thus vulnerable to http://www.isg.rhul.ac.uk/tls/Lucky13.html unlike ECDHE-ECDSA-AES128 -GCM-SHA256 without, as far as I can tell, being more compatible than it, as both are TLS v1.2 ciphersuites. [1] "The following lists give the SSL or TLS cipher suites names from the relevant specification and their OpenSSL equivalents. ... TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 ECDHE-ECDSA-AES128-SHA256", https://www.openssl.org/docs/manmaster/apps/ciphers.html -- You received this bug notification because you are a member of Dcplusplus-team, which is subscribed to DC++. https://bugs.launchpad.net/bugs/1484807 Title: Encryption problems in DC++ 0.851 when connecting to a LUADCH hub Status in DC++: New Bug description: we are running Luadch 2.14 in the hubs and when we updated to the latest we got problems whit 0.851 clients. It works whit 0.843. Whit the 0.851 we get tls error.. I have talkt to the Dev from Luadch and they say that this is something wrong whit 0.851 Kungen To manage notifications about this bug go to: https://bugs.launchpad.net/dcplusplus/+bug/1484807/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~linuxdcpp-team Post to : [email protected] Unsubscribe : https://launchpad.net/~linuxdcpp-team More help : https://help.launchpad.net/ListHelp
