[OE-core] [PATCH 1/2] openssl: disable weak ciphers

Pascal Bach pascal.bach at siemens.com
Wed Jul 5 10:24:35 UTC 2017


On 05.07.2017 09:58, kai.kang at windriver.com wrote:
> From: Kai Kang <kai.kang at windriver.com>
>
> Check distro feature 'openssl-no-weak-ciphers' to disable weak ciphers
> provided by openssl:
>
> * des
> * ec
> * ecdh
> * ecdsa
> * md2
> * mdc2
Why are the elliptic curve ciphers considered weak?
I'm wondering because Mozilla (https://wiki.mozilla.org/Security/Server_Side_TLS) is recommending ECDSA.

Pascal




More information about the Openembedded-core mailing list