Upcoming OpenSSL 1.1.0 release
Bernard Spil
brnrd at FreeBSD.org
Thu Aug 25 18:51:19 UTC 2016
On 2016-08-24 22:08, Lowell Gilbert wrote:
> Bernard Spil <brnrd at FreeBSD.org> writes:
>
>> Today new vulnerabilities with (3)DES and BlowFish were made public
>
> You're referring to something different than the HTTPS/OpenVPN
> attacks? Because it really wouldn't be accurate to describe those
> as vulnerabilities in the ciphers.
Hi Lowell,
Correct. And that is indeed not a vulnerability in the cipher. As far as
I know all cipher suites in use that support DES or 3DES use CBC mode
and are vulnerable. Disabling DES and 3DES therefore makes sense to me.
Cheers,
Bernard.
More information about the freebsd-ports
mailing list