On Tue, Jul 26, 2016 at 12:08:33PM +0000, Viktor Dukhovni wrote:
> On Tue, Jul 26, 2016 at 01:09:04PM +0300, Ilari Liusvaara wrote:
> 
> > > Failure:
> > > openssl s_client -connect regmedia.co.uk:443 -cipher ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305
> > 
> > If you swap the order of these two ciphersuites, does it succeed or fail?
> > 
> > I.e.
> > 
> > openssl s_client -connect regmedia.co.uk:443 -cipher ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256
> 
> I can reproduce the reported failure in the original order, and at
> least for me the swapped variant succeeds.

Thank you.
 
> > Well, your test results certainly blow basic "negotiation accidentally
> > blows off all valid candidates and then fails" hypothesis out of the
> > water. So it has to be something more complicated.
> > 
> > Succeeding with the ciphersuites swapped would suggest (as somebody
> > else in this thread already said) that it only considers Chacha in
> > the first place, not noticing that it may be the only choice after
> > certificate selection.
> 
> Perhaps that's the issue.

Oops, that should have been:

Chacha ciphersuites are considered for certificate selection in any
position, but only in first position for protection selection.


-Ilari

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
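
The hypothesis stated at the end of the message above, as a small Python model of a two-step server negotiation. This is an added example, not code from the post or from any TLS server; the two-certificate setup, the ECDSA-first certificate preference and all function names are assumptions made for illustration.

```python
# Toy model of the hypothesis in this message; not the real server's code.
# Assumed: the server holds an ECDSA and an RSA certificate and prefers the
# ECDSA one whenever any offered suite could use it.
SERVER_SUITES = {
    # suite name: (certificate type needed, is a ChaCha20 suite)
    "ECDHE-ECDSA-CHACHA20-POLY1305": ("ECDSA", True),
    "ECDHE-RSA-AES128-GCM-SHA256": ("RSA", False),
}
CERT_PREFERENCE = ["ECDSA", "RSA"]  # assumed server preference


def select_certificate(offered):
    """Step 1: every offered suite counts, ChaCha in any position."""
    usable = {SERVER_SUITES[s][0] for s in offered if s in SERVER_SUITES}
    return next((c for c in CERT_PREFERENCE if c in usable), None)


def select_suite(offered, cert, chacha_first_only=True):
    """Step 2: first offered suite that fits the chosen certificate.

    With chacha_first_only=True a ChaCha suite is a candidate only when it
    is the client's first choice (the hypothesised behaviour).
    """
    for position, suite in enumerate(offered):
        if suite not in SERVER_SUITES:
            continue
        needs, is_chacha = SERVER_SUITES[suite]
        if is_chacha and chacha_first_only and position != 0:
            continue
        if needs == cert:
            return suite
    return None


def negotiate(cipher_string, chacha_first_only=True):
    """Return the chosen suite, or None for a handshake failure."""
    offered = cipher_string.split(":")
    cert = select_certificate(offered)
    return select_suite(offered, cert, chacha_first_only) if cert else None


REPORTED = "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305"
SWAPPED = "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256"

if __name__ == "__main__":
    for label, ciphers in (("reported", REPORTED), ("swapped", SWAPPED)):
        print(label, "->", negotiate(ciphers) or "handshake failure")
```

Passing `chacha_first_only=False` makes both steps use the same candidate set, and the reported order then negotiates the ChaCha suite instead of failing.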
