Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable DES and 3DES ciphers #1116

Open
lduvnjak opened this issue Nov 15, 2023 · 1 comment
Open

Disable DES and 3DES ciphers #1116

lduvnjak opened this issue Nov 15, 2023 · 1 comment
Labels
Team:Ecosystem Label for the Packages Ecosystem team

Comments

@lduvnjak
Copy link

We're having a security audit and the EPR has some issues we have to cover.
One of them was disabling support for TLS v1.0 and 1.1. The other is disabling DES and 3DES ciphers to mitigate a SWEET32 attack.

As far as I can tell, even specifying the TLS supported versions was a relatively new addition.

Is there currently a way in which we can specify the allowed and forbidden ciphers, and if not do you have any plans to add that functionality in the future?
@heidigerken
Copy link

I have a customer who also needs this functionality.

@kpollich kpollich added the Team:Ecosystem Label for the Packages Ecosystem team label Jul 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Team:Ecosystem Label for the Packages Ecosystem team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kpollich @heidigerken @lduvnjak