[PATCH] DTLS: Add ECDHE-RSA-AES256-SHA384 as a v1.2 cipher suite
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Fri Jul 31 17:18:27 EDT 2020
On Thu, Jul 30, 2020 at 10:00 PM Jason Gunthorpe <jgg at ziepe.ca> wrote:
>
> If GCM is not available on the VPN server this is a reasonable fallback.
>
> Servers will not auto-fallback to older TLS if the X-DTLS12-CipherSuite is
> sent, so the existing non-GCM modes with the old TLS do not negotiate.
In terms of security that's super ugly. All these CBC ciphersuites are
problematic in TLS1.2 due to lucky13 attacks; TLS1.3 dropped all of
them. It is simply too hard to make them secure and that's why they
are disabled by default in openconnect. Probably not a helpful solution,
but you may want to refer your IT to the good advice at:
https://bettercrypto.org/
regards,
Nikos
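An added illustration, not part of this thread and not openconnect's own code: a small Python script that sorts a server's offered cipher suites the way Nikos's objection divides them (AEAD versus CBC MAC-then-encrypt, the class Lucky13 targets) and builds a client `ssl.SSLContext` that cannot negotiate a CBC suite at all. The function names `audit_suites`, `aead_only_context` and `enabled_pre13_suites`, the cipher string `AEAD_ONLY_CIPHERS` and the `SAMPLE_OFFERED` list are all assumptions made for the example; the classification is a heuristic on OpenSSL- and IANA-style suite names, not a lookup against the registry.

```python
import re
import ssl

# Markers that identify an AEAD suite in OpenSSL-style names
# (ECDHE-RSA-AES256-GCM-SHA384) and in IANA-style names
# (TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384).
AEAD_MARKERS = ("GCM", "CCM", "CHACHA20")


def is_aead(suite: str) -> bool:
    """True for suites whose record protection is an AEAD construction."""
    # TLS 1.3 IANA names (TLS_AES_256_GCM_SHA384, ...) carry no "_WITH_"
    # and are all AEAD; TLS 1.2 IANA names always contain "_WITH_".
    if suite.startswith("TLS_") and "_WITH_" not in suite:
        return True
    return any(marker in suite for marker in AEAD_MARKERS)


def is_cbc_mac_then_encrypt(suite: str) -> bool:
    """True for the TLS 1.2 (and older) CBC suites Lucky13 targets: a block
    cipher in CBC mode with an HMAC appended before encryption."""
    if is_aead(suite):
        return False
    if "_WITH_" in suite:                      # IANA style: the mode is spelled out
        return "_CBC_" in suite
    # OpenSSL style: a CBC suite ends in the name of its MAC hash and has no
    # AEAD marker; RC4 suites also end in -SHA/-MD5 but are stream ciphers.
    return bool(re.search(r"-(SHA|SHA256|SHA384|MD5)$", suite)) and "RC4" not in suite


def audit_suites(offered):
    """Split an offered cipher list into AEAD, Lucky13-class CBC and everything else."""
    report = {"aead": [], "cbc_mac_then_encrypt": [], "other": []}
    for suite in offered:
        if is_aead(suite):
            report["aead"].append(suite)
        elif is_cbc_mac_then_encrypt(suite):
            report["cbc_mac_then_encrypt"].append(suite)
        else:
            report["other"].append(suite)
    return report


# OpenSSL cipher string restricted to forward-secret AEAD suites (assumed
# string for this example; it is not openconnect's configuration).
AEAD_ONLY_CIPHERS = "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:!aNULL:!eNULL"


def aead_only_context() -> ssl.SSLContext:
    """Client context that will never negotiate a CBC MAC-then-encrypt suite."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # TLS 1.3 suites are configured separately by OpenSSL and are all AEAD,
    # so this string only needs to prune the TLS 1.2 list.
    ctx.set_ciphers(AEAD_ONLY_CIPHERS)
    return ctx


def enabled_pre13_suites(ctx: ssl.SSLContext):
    """Names of the non-TLS-1.3 suites the context would actually offer."""
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


# Constructed sample: what a VPN server offering the suite from the patch
# subject next to GCM suites might present (illustrative, not a real capture).
SAMPLE_OFFERED = [
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-SHA384",        # the suite the patch adds: CBC + HMAC-SHA384
    "AES128-SHA",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_AES_256_GCM_SHA384",
    "ECDHE-RSA-CHACHA20-POLY1305",
]

if __name__ == "__main__":
    for kind, suites in audit_suites(SAMPLE_OFFERED).items():
        print(f"{kind}: {suites}")
    ctx = aead_only_context()
    leaked = [s for s in enabled_pre13_suites(ctx) if is_cbc_mac_then_encrypt(s)]
    print("CBC suites still enabled in hardened context:", leaked)
```

Running it against the constructed list puts ECDHE-RSA-AES256-SHA384 (the suite the patch adds) in the `cbc_mac_then_encrypt` bucket together with AES128-SHA and the IANA-named CBC suite, while the hardened context reports no CBC suite enabled; the same audit can be run over a cipher list pulled from a real server's ServerHello or from `openssl ciphers` output.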
More information about the openconnect-devel mailing list