On Mon, Nov 25, 2013, Salz, Rich wrote: > Is there a way to see something like AES128-SHA is okay with TLSv1.2, but not > with SSLv3? >
On the client side there's no way to represent this in the protocol, if you support SSLv3 and TLS v1.2 then it is assumed that any cipher which can be legally used with either can be selected with the server. Server side at least it would be theoretically possible: i.e. only choose a ciphersuite if TLS v1.2 is negotiated. OpenSSL doesn't support this though. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
