I'm a little confused about which cipher suites are supported by which SSL/TLS protocol versions.
I'm using Appendix C of the TLS 1.0, 1.1, and 1.2 RFCs, respectively, as a starting point for which cipher suites are supported in which version of the protocol, but I'm not sure how to parse the fact that some cipher suites are missing between documents. For example, the "export" cipher suites do not appear in Appendix C of the TLS 1.1 RFC. Does that mean that they are not available for use in TLS 1.1? Or does each revision of TLS implicitly support the list of cipher suites from the prior versions and then simply add new ones? On a related note, I assume the cipher suites defined in their own RFCs (AES in RFC3268, Cameillia in RFC4132, etc.) for TLS 1.0 are also supported in TLS 1.1 and 1.2? It's very possible all of this is spelled out somewhere that I haven't come across yet. What does is mean when "openssl cipers -tls -v" shows "SSLv3"? I assume that means that the specific cipher suite is supporte in SSL 3.0, TLS 1.0, TLS 1.1 and TLS 1.2? The cipher suites that are exclusive to TLS 1.2 are marked by "TLSv1.2"? Thanks. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
