[erlang-questions] bug : ssl losing ciphers

Ingela Andin ingela.andin@REDACTED
Sat Apr 9 13:16:54 CEST 2016


Hi!

Yes, the OpenSSL name strings  are supported too. I would rather have the
tuples be maps, and from 19 that will be ok.  An other idea might be to
put the macros for the binary representation of the cipher suites in an
official include file. Then your list could look something like

[?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
?TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384]  which are the names from the
TLS RFCs and similar to the openssl string names, but not the same.  In
this case we would need no conversion.

We will see.

Regards Ingela Erlang/OTP team - Ericsson AB



2016-04-09 11:12 GMT+02:00 Roger Lipscombe <roger@REDACTED>:

> On 8 April 2016 at 15:13, Nicolas Thauvin <nthauvin@REDACTED> wrote:
> > Now, when the customised 'ciphers' SSL option is set, its content is
> > processed by ssl:binary_cipher_suites/2
>
> Rather than use the tuples, we use named suites. See, e.g.,
> http://ezgr.net/increasing-security-erlang-ssl-cowboy/
> _______________________________________________
> erlang-questions mailing list
> erlang-questions@REDACTED
> http://erlang.org/mailman/listinfo/erlang-questions
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20160409/baf62a0a/attachment.htm>


More information about the erlang-questions mailing list