> On Jul 25, 2016, at 3:08 PM, Martin Rex <m...@sap.com> wrote: > > specifically, after the FF update, this new TLS ciphersuite: > > security.ssl3.ecdhe_ecdsa_aes_128_gcm_sha256 (0xcc, 0xa9) > > was the only ECDSA cipher suite enabled in my Firefox 47.0.1, and this > kills connectivity (TLS handshake_failure alert) with regmedia.co.uk.
OpenSSL lists "CC, A9" as: 0xCC,0xA9 - ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD Which is not AES_128_GCM. The IANA registry seems to agree: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4 0xCC,0xA9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 Y [RFC7905] -- Viktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
