Revised presentation of cipher suites

Include patterns on the official names. Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2025-04-25 09:02:48 +00:00 · 2024-08-08 14:58:35 +02:00 · 2024-08-08 14:58:35 +02:00 · a11687e543
commit a11687e543
parent 6df289a56f
1 changed files with 9 additions and 6 deletions
--- a/ChangeLog.d/announce-4.0-removals.txt
+++ b/ChangeLog.d/announce-4.0-removals.txt
@ -7,13 +7,16 @@ New deprecations
     - Finite-field Diffie-Hellman with custom groups.
       (RFC 7919 groups remain supported.)
     - Elliptic curves of size 225 bits or less.
-   * The following mechanisms are planned to be removed from (D)TLS 1.2
+   * The following cipher suites are planned to be removed from (D)TLS 1.2
     in Mbed TLS 4.0:
-     - RSA decryption (i.e. cipher suites using RSA without a key exchange:
+     - TLS_RSA_* (including TLS_RSA_PSK_*), i.e. cipher suites using
-       cipher suites using an RSA signature and ECDHE are staying).
+       RSA decryption.
-     - Static ECDH (ephemeral ECDH, i.e. cipher suites using ECDHE, is staying).
+       (RSA signatures, i.e. TLS_ECDHE_RSA_*, are staying.)
-     - Finite-field Diffie-Hellman (i.e. DHE; ECDHE is staying)
+     - TLS_ECDH_*, i.e. cipher suites using static ECDH.
-     - All cipher suites using CBC.
+       (Ephemeral ECDH, i.e. TLS_ECDHE_*, is staying.)
     - TLS_DHE_*, i.e. cipher suites using finite-field Diffie-Hellman.
       (Ephemeral ECDH, i.e. TLS_ECDHE_*, is staying.)
     - TLS_*CBC*, i.e. all cipher suites using CBC.
   * The following low-level interfaces are planned to be removed from the
     public API in Mbed TLS 4.0:
     - Hashes: hkdf.h, md5.h, ripemd160.h, sha1.h, sha3.h, sha256.h, sha512.h;