Plea For Modern HTTPS Ciphers
|
2018-09-28, 06:04
Post: #1
|
|||
|
|||
Plea For Modern HTTPS Ciphers
Hi All,
Just trying to raise awareness of the importance of getting modern ciphers implemented for ipxe HTTPS. We have Red Hat's OpenShift in our company which appears to serve HTTPS only through these ciphers. ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-RSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA DHE-RSA-CAMELLIA256-SHA AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA DES-CBC3-SHA When I try and use ipxe (compiled to support DOWNLOAD_PROTO_HTTPS) to reference any of our servers I get the the "[Operation not supported] fatal error 40" error. I think this is because ipxe only supports some very outdated ciphers. The ipxe documentation says only the following ciphers are supported: RSA_WITH_AES_256_CBC_SHA256 RSA_WITH_AES_128_CBC_SHA256 RSA_WITH_AES_256_CBC_SHA RSA_WITH_AES_128_CBC_SHA I just wanted to know if anyone is working on updating HTTPS to be able to talk a few more modern ciphers? Cheers, Doug |
|||
2018-09-28, 06:09
Post: #2
|
|||
|
|||
RE: Plea For Modern HTTPS Ciphers
Closing, Duplicate of http://forum.ipxe.org/showthread.php?tid=11985, Please continue there.
Please keep it in the same place, Duplicate threads hurts both discussion and searchability. Use GitHub Discussions VRAM bin |
|||
« Next Oldest | Next Newest »
|
User(s) browsing this thread: 2 Guest(s)