I've just been reading about recommended and deprecated encryption and tripped over a nist document (http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-131Ar1.pdf) that distinguishes between 2key and 3key 3DES saying that the former is deprecated after 2015 but the latter is still acceptable.
Is this distinguishable in openssl? I.e. if we negotiate TLS_RSA_WITH_3DES_EDE_CBC_SHA does it always use the 3-key version? (I'm experimenting running NeXpose against an embedded device to look for security holes and it complained about DES (we only use 3DES) and CBC - odd!) Thanks ... N Nou Dadoun Senior Firmware Developer, Security Specialist Office: 604.629.5182 ext 2632 Support: 888.281.5182 | avigilon.com Follow Twitter | Follow LinkedIn This email, including any files attached hereto (the "email"), contains privileged and confidential information and is only for the intended addressee(s). If this email has been sent to you in error, such sending does not constitute waiver of privilege and we request that you kindly delete the email and notify the sender. Any unauthorized use or disclosure of this email is prohibited. Avigilon and certain other trade names used herein are the registered and/or unregistered trademarks of Avigilon Corporation and/or its affiliates in Canada and other jurisdictions worldwide. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
