On Wed, Aug 29, 2018 at 3:56 PM, Nils Ohlmeier <nohlme...@mozilla.com> wrote:
> Summary: > > We are looking at removing the DHE cipher suites from the DTLS handshake > in Firefox soon. > > Ciphers: > - TLS_DHE_RSA_WITH_AES_128_CBC_SHA > - TLS_DHE_RSA_WITH_AES_256_CBC_SHA > are the two suites which we want to remove, because they are considered > too weak. > Are these suites considered "too weak" across the board? For historical reasons Firefox for Android will handshake to Firefox Sync servers using these suites: https://searchfox.org/mozilla-central/rev/05d91d3e02a0780f44599371005591d7988e2809/mobile/android/services/src/main/java/org/mozilla/gecko/background/common/GlobalConstants.java#73. Sounds like we should drop those suites there too -- can you confirm? Nick _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
