mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-02-05 18:40:01 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Revised presentation of cipher suites

Browse Source 
Include patterns on the official names.

Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine 2024-08-08 14:58:35 +02:00
parent 6df289a56f
commit a11687e543
1 changed files with 9 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
ChangeLog.d/announce-4.0-removals.txt
View File

@ -7,13 +7,16 @@ New deprecations
- Finite-field Diffie-Hellman with custom groups.
(RFC 7919 groups remain supported.)
- Elliptic curves of size 225 bits or less.
* The following mechanisms are planned to be removed from (D)TLS 1.2
* The following cipher suites are planned to be removed from (D)TLS 1.2
in Mbed TLS 4.0:
- RSA decryption (i.e. cipher suites using RSA without a key exchange:
cipher suites using an RSA signature and ECDHE are staying).
- Static ECDH (ephemeral ECDH, i.e. cipher suites using ECDHE, is staying).
- Finite-field Diffie-Hellman (i.e. DHE; ECDHE is staying)
- All cipher suites using CBC.
- TLS_RSA_* (including TLS_RSA_PSK_*), i.e. cipher suites using
RSA decryption.
(RSA signatures, i.e. TLS_ECDHE_RSA_*, are staying.)
- TLS_ECDH_*, i.e. cipher suites using static ECDH.
(Ephemeral ECDH, i.e. TLS_ECDHE_*, is staying.)
- TLS_DHE_*, i.e. cipher suites using finite-field Diffie-Hellman.
(Ephemeral ECDH, i.e. TLS_ECDHE_*, is staying.)
- TLS_*CBC*, i.e. all cipher suites using CBC.
* The following low-level interfaces are planned to be removed from the
public API in Mbed TLS 4.0:
- Hashes: hkdf.h, md5.h, ripemd160.h, sha1.h, sha3.h, sha256.h, sha512.h;