Andrei Popov <andrei.po...@microsoft.com> wrote: > Hi Brian, > > > > - Look at Windows Server 2012 and similar legacy products that are in > widespread use, which don't support any PFS cipher suites except FFDHE. > > Windows Server 2012/Windows 8 support both TLS_ECDHE_ECDSA and > TLS_ECDHE_RSA cipher suites: TLS Cipher Suites in Windows 8 - Win32 apps > | Microsoft Docs > <https://docs.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-8> >
Thanks. I forgot about the CBC cipher suites. What I mean to say is that it doesn't support any cipher suites with AEAD ciphers and PFS except the DHE ones. The result was that Firefox had to choose between enabling the CBC-SHA2 cipher suites or enabling RSA + AEAD for compatibility with it, and they chose to latter; see https://bugzilla.mozilla.org/show_bug.cgi?id=1638369. Cheers, Brian
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
