New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 913640 link

Starred by 1 user
Status: Duplicate
Merged: issue 911798
Owner:
lassey@chromium.org
On parental leave until 3/15/19
Closed: Dec 12
Cc:
brink...@gmail.com
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 3
Type: Feature



Sign in to add a comment

Feature request: Policies to disable weak ciphers

Project Member Reported by bheenan@chromium.org, Dec 10 
This request is branched from discussions in https://bugs.chromium.org/p/chromium/issues/detail?id=911798

While that bug is being closed, it did generate this separate request for policies that would blacklist some weak ciphers, specifically:

SSLWeakRSACiphersEnabled (controls TLS_RSA_WITH_*)
SSLWeakCBCCiphersEnabled (controls *_CBC_*)

Comment 1 by bheenan@chromium.org, Dec 10

Cc: brink...@gmail.com

Comment 2 by davidben@chromium.org, Dec 10 

 Issue #911798 's request only covered SSLWeakRSACiphersEnabled. SSLWeakCBCCiphersEnabled was an example of another category of weak ciphers that we carry around for backwards compatibility, but I'm not aware of anyone requesting it.

Comment 3 by bheenan@chromium.org, Dec 10

Owner: lassey@chromium.org
Updated owner to triage

Comment 4 by davidben@chromium.org, Dec 10 

bheenan: Please see the discussion in the other bug. (I'm not sure why this bug was split off. That just makes it harder to see past discussion.) This sort of thing has typically been a question for the Enterprise team. We are still awaiting input there.

Comment 5 by lassey@google.com, Dec 12

Mergedinto: 911798
Status: Duplicate (was: Untriaged)

Sign in to add a comment