Changes between Initial Version and Version 14 of Ticket #16262


Ignore:
Timestamp:
10/29/14 14:46:26 (4 years ago)
Author:
datallah
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #16262

    • Property Component changed from unclassified to libpurple
    • Property Summary changed from Connecting to ejabberd that has RC4 disabled: SSH Handshake Failed to Enabled ciphers in NSS unnecessarily limited
    • Property Version changed from 2.10.9 to 2.10.10
    • Property Keywords nss added
  • Ticket #16262 – Description

    initial v14  
    1919
    2020Should Pidgin be able to use one of the non-RC4 ciphers supported by my ejabberd-configuration?
     21
     22In NSS 3.17.1 the following ciphers are enabled:
     23{{{
     24TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
     25TLS_DHE_RSA_WITH_AES_128_CBC_SHA
     26TLS_DHE_DSS_WITH_AES_128_CBC_SHA
     27TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
     28TLS_DHE_RSA_WITH_AES_256_CBC_SHA
     29TLS_DHE_DSS_WITH_AES_256_CBC_SHA
     30TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
     31TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
     32TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
     33TLS_DHE_DSS_WITH_RC4_128_SHA
     34TLS_RSA_WITH_AES_128_GCM_SHA256
     35TLS_RSA_WITH_AES_128_CBC_SHA
     36TLS_RSA_WITH_AES_128_CBC_SHA256
     37TLS_RSA_WITH_AES_256_CBC_SHA
     38TLS_RSA_WITH_AES_256_CBC_SHA256
     39TLS_RSA_WITH_3DES_EDE_CBC_SHA
     40TLS_RSA_WITH_RC4_128_SHA
     41TLS_RSA_WITH_RC4_128_MD5
     42TLS_DHE_RSA_WITH_DES_CBC_SHA
     43TLS_DHE_DSS_WITH_DES_CBC_SHA
     44SSL_CK_RC4_128_WITH_MD5
     45SSL_CK_RC2_128_CBC_WITH_MD5
     46SSL_CK_DES_192_EDE3_CBC_WITH_MD5
     47SSL_CK_DES_64_CBC_WITH_MD5
     48SSL_CK_RC4_128_EXPORT40_WITH_MD5
     49SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5
     50}}}
     51
     52(note that not all of these will be used for TLS)
     53
     54The following are supported, but not enabled:
     55{{{
     56TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
     57TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
     58TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
     59TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
     60TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
     61TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
     62TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
     63TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
     64TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
     65TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
     66TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
     67TLS_ECDHE_RSA_WITH_RC4_128_SHA
     68TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
     69TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
     70TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
     71TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
     72TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
     73TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
     74TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
     75TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
     76TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
     77TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
     78TLS_ECDH_ECDSA_WITH_RC4_128_SHA
     79TLS_ECDH_RSA_WITH_RC4_128_SHA
     80TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
     81TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
     82TLS_RSA_WITH_SEED_CBC_SHA
     83SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA
     84SSL_RSA_FIPS_WITH_DES_CBC_SHA
     85TLS_RSA_WITH_DES_CBC_SHA
     86TLS_RSA_EXPORT1024_WITH_RC4_56_SHA
     87TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA
     88TLS_RSA_EXPORT_WITH_RC4_40_MD5
     89TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
     90TLS_ECDHE_ECDSA_WITH_NULL_SHA
     91TLS_ECDHE_RSA_WITH_NULL_SHA
     92TLS_ECDH_RSA_WITH_NULL_SHA
     93TLS_ECDH_ECDSA_WITH_NULL_SHA
     94TLS_RSA_WITH_NULL_SHA
     95TLS_RSA_WITH_NULL_SHA256
     96TLS_RSA_WITH_NULL_MD5
     97}}}
     98
     99In particular, we don't have ciphers that support forward security enabled.
All information, including names and email addresses, entered onto this website or sent to mailing lists affiliated with this website will be public. Do not post confidential information, especially passwords!