proposal: crypto/tls: add TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 support #21633
Comments
odeke-em
changed the title
|
/cc @agl @FiloSottile and other crypto folks |
|
We added the AES_128/SHA256 variant in #15487. Off by default because #13385. This would be the only suite with a SHA384 MAC. Not a fan of enabling CBC to keep going on in this world (as opposed to AEAD modes) except as a backwards compatibility crutch. But based on what @agl decides, happy to implement it. |
|
@weinong, is that really the only suite allowed by your security team? If not, what other ones are allowed? If so, do you know the rationale? It sounds like we might not want to allow this one by default, but maybe another is available? |
|
I added the CBC + SHA-256 cipher suites in a moment of weakness and regret it. I would prefer not to compound that error. |
|
No response to why. Declining. |
|
Some outbound outlook.com SMTP relays try to use this cipher suite. There is no other suite in the Go tls package that matches, so those connections cannot use STARTTLS. This is not a particularly compelling argument for adding support, rather than Microsoft fixing their servers, but it offers at least some explanation. |
Please answer these questions before submitting your issue. Thanks!
Our security team requires
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384cipher suite. Is there any plan to add it in Go?What version of Go are you using (
go version)?1.8.3 and 1.9
Does this issue reproduce with the latest release?
What operating system and processor architecture are you using (
go env)?What did you do?
What did you expect to see?
What did you see instead?
The text was updated successfully, but these errors were encountered: