> On Apr 15, 2018, at 5:06 PM, Benjamin Kaduk <ka...@mit.edu> wrote:
> 
> IIUC a fixed DH certificate is incompatible with TLS 1.3 but can be
> TLS 1.2-compatible.

Yes, you're right, TLS 1.3 dropped fixed-dh support, but we've a while back 
dropped support for all the (authenticated) corresponding TLS 1.2 ciphers!

  $ OpenSSL_master/bin/openssl ciphers -stdname -v ALL | grep _DH_ | awk '{print $1}'
  TLS_DH_anon_WITH_AES_256_GCM_SHA384
  TLS_DH_anon_WITH_AES_128_GCM_SHA256
  TLS_DH_anon_WITH_AES_256_CBC_SHA256
  TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
  TLS_DH_anon_WITH_AES_128_CBC_SHA256
  TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
  TLS_DH_anon_WITH_AES_256_CBC_SHA
  TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
  TLS_DH_anon_WITH_AES_128_CBC_SHA
  TLS_DH_anon_WITH_SEED_CBC_SHA
  TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA

We should perhaps drop the fixed DH anon ones too; leaving them in might 
have been inadvertent.

-- 
        Viktor.

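As an added example (not from this thread or from OpenSSL itself), here is a small audit script that parses the `openssl ciphers -stdname -v` output format shown above and reports the suites a TLS 1.2 server should not be offering: anonymous (Au=None) DH/ECDH suites like the ones listed, and static ("fixed") DH/ECDH suites. The sample output lines embedded in it are constructed, not captured from a real build.

```python
import re

# Constructed sample of `openssl ciphers -stdname -v ALL` output (not captured from a
# real build). Line format: STDNAME - OPENSSL_NAME PROTO Kx=.. Au=.. Enc=.. Mac=..
SAMPLE_OUTPUT = """\
TLS_AES_256_GCM_SHA384 - TLS_AES_256_GCM_SHA384 TLSv1.3 Kx=any Au=any Enc=AESGCM(256) Mac=AEAD
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) Mac=AEAD
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 - DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=RSA Enc=AESGCM(256) Mac=AEAD
TLS_DH_anon_WITH_AES_256_GCM_SHA384 - ADH-AES256-GCM-SHA384 TLSv1.2 Kx=DH Au=None Enc=AESGCM(256) Mac=AEAD
TLS_DH_RSA_WITH_AES_128_CBC_SHA - DH-RSA-AES128-SHA SSLv3 Kx=DH/RSA Au=DH Enc=AES(128) Mac=SHA1
TLS_ECDH_anon_WITH_AES_128_CBC_SHA - AECDH-AES128-SHA TLSv1 Kx=ECDH Au=None Enc=AES(128) Mac=SHA1
"""

# IANA standard-name prefixes: anonymous (unauthenticated) and static ("fixed") DH/ECDH.
ANON_RE = re.compile(r"^TLS_(EC)?DH_anon_")
STATIC_RE = re.compile(r"^TLS_(DH_(RSA|DSS)|ECDH_(RSA|ECDSA))_")

def parse_ciphers(text):
    """Yield (stdname, openssl_name, protocol, kx, au) for each cipher line."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 6 or parts[1] != "-":
            continue  # not a `-stdname -v` cipher line; ignore it
        fields = dict(p.split("=", 1) for p in parts[4:] if "=" in p)
        yield parts[0], parts[2], parts[3], fields.get("Kx", ""), fields.get("Au", "")

def classify(stdname, au):
    """Bucket a suite by its IANA name (and Au= as a backstop for anon suites)."""
    if ANON_RE.match(stdname) or au == "None":
        return "anonymous"
    if STATIC_RE.match(stdname):
        return "static-dh"
    return "ok"

def audit(text):
    """Return {category: [stdnames]} for suites that should not be enabled."""
    findings = {"anonymous": [], "static-dh": []}
    for stdname, _name, _proto, _kx, au in parse_ciphers(text):
        category = classify(stdname, au)
        if category != "ok":
            findings[category].append(stdname)
    return findings

if __name__ == "__main__":
    # Run against a live build with:  openssl ciphers -stdname -v ALL | python3 audit.py
    import sys
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_OUTPUT
    for category, names in audit(data).items():
        print(f"{category}: {names}")
```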
_______________________________________________
openssl-project mailing list
openssl-project@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-project