> From: [email protected] [mailto:owner-openssl- > [email protected]] On Behalf Of Richard Könning > Sent: Wednesday, October 12, 2011 7:20 PM > To: [email protected] > Subject: Re: Regarding cipher suites in SSLv3. > > Am 12.10.2011 15:29, schrieb nilesh: > > Hi, > > > > I am writing some code for decryption of https data. > > Currently I have planned to support SSLv3 with AES, 3DES and RC4 > > algorithms only. > > Below are the cipher suites in SSLv3. I am looking for information on > > which of these suites are commonly used. [...] > > Any idea? > > Well, using a Kerberos cipher suite makes only sense when you are in an > environment with running Kerberos servers for authentication. If you do > not know what Kerberos is you probably don't need the Kerberos cipher > suites. Anonymous cipher suites are susceptible to MITM attacks, so > normally you don't want use them. And the EXPORT cipher suites you > don't > want use neither because they use very short encryption keys. > > With this your list will reduce to > > > TLS_RSA_WITH_RC4_128_MD5 > > TLS_RSA_WITH_RC4_128_SHA > > TLS_RSA_WITH_3DES_EDE_CBC_SHA > > TLS_DHE_RSA_WITH_AES_256_CBC_SHA > > TLS_RSA_WITH_AES_128_CBC_SHA > > TLS_RSA_WITH_AES_256_CBC_SHA > > TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA > > TLS_DHE_RSA_WITH_AES_128_CBC_SHA > > TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA > > TLS_DHE_DSS_WITH_AES_128_CBC_SHA > > TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Thanks for the clarification. > > Best regards, > Richard -- Thanks, Nilesh ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
