crypto/tls: add support for additional TLS ciphers #26652
Labels
FrozenDueToAge
NeedsInvestigation
Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.
Milestone
I'm working on a project that requires connecting to a myriad of servers running a wide variety of software using HTTPS. Because I have no real influence over their configuration, I'm forced to use the ciphers they allow. There's a few that aren't included in Go, and I'm curious as to why or if you're open to supporting them:
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
I've found a few other issues mentioning not using CBC where it can be avoided, but it can't in this case. Is there a reason these wouldn't be supported, but the same variants with other SHA versions would? For example, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 isn't defined, but TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA is. All three of those are like this, where just the SHA version is different and not necessarily better.
Thanks!
The text was updated successfully, but these errors were encountered: