SSL vulnerability :Birthday attacks against TLS cipher
22 views
Skip to first unread message
ravi kumar
Dec 30, 2020, 3:23:54 AM12/30/20
to rqlite
Hi,
I am running rqlite with 3 instances and need to know how to suppress vulnerable ciphers
Thanks
Ravi
Philip O'Toole
Jan 2, 2021, 7:23:33 PM1/2/21
to rql...@googlegroups.com
rqlite runs the standard TLS package that comes with the Go language. I guess what you are really asking is how can you control the value of "CipherSuites" and "PreferServerCipherSuites" in this configuration object:
https://golang.org/pkg/crypto/tls/#Config
I should be able to expose this config, allowing end-users to set it, but I'd like to understand more precisely what you're trying to do. Can you provide more details or examples?
Philip
https://golang.org/pkg/crypto/tls/#Config
I should be able to expose this config, allowing end-users to set it, but I'd like to understand more precisely what you're trying to do. Can you provide more details or examples?
Philip
--
You received this message because you are subscribed to the Google Groups "rqlite" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rqlite+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rqlite/4c640cda-c0a6-418c-8729-4c26ce6e8a52n%40googlegroups.com.
Philip O'Toole
Jan 2, 2021, 7:25:23 PM1/2/21
to rql...@googlegroups.com
For example, do you want to be able to launch rqlite and have it only use, say, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA?
(From https://golang.org/pkg/crypto/tls/#pkg-constants)
(From https://golang.org/pkg/crypto/tls/#pkg-constants)
Reply all
Reply to author
Forward
0 new messages