Skip to content

Commit

Permalink
doc: Remove SHA-1 cipher suites from the defaults on the server-side (#…
Browse files Browse the repository at this point in the history 
…21240)

Related PR: #20643

Signed-off-by: derekguo001 <[email protected]>
  • Loading branch information
derekguo001 authored May 13, 2022
1 parent c328cf1 commit 81cebf6
Showing 1 changed file with 0 additions and 8 deletions.
8 changes: 0 additions & 8 deletions api/envoy/extensions/transport_sockets/tls/v3/common.proto
View file
Original file line number Diff line number Diff line change
Expand Up @@ -66,25 +66,17 @@ message TlsParameters {
//
// [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
// [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
// ECDHE-ECDSA-AES128-SHA
// ECDHE-RSA-AES128-SHA
// ECDHE-ECDSA-AES256-GCM-SHA384
// ECDHE-RSA-AES256-GCM-SHA384
// ECDHE-ECDSA-AES256-SHA
// ECDHE-RSA-AES256-SHA
//
// In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
//
// .. code-block:: none
//
// ECDHE-ECDSA-AES128-GCM-SHA256
// ECDHE-RSA-AES128-GCM-SHA256
// ECDHE-ECDSA-AES128-SHA
// ECDHE-RSA-AES128-SHA
// ECDHE-ECDSA-AES256-GCM-SHA384
// ECDHE-RSA-AES256-GCM-SHA384
// ECDHE-ECDSA-AES256-SHA
// ECDHE-RSA-AES256-SHA
//
// In non-FIPS builds, the default client cipher list is:
//
Expand Down

0 comments on commit 81cebf6

Please sign in to comment.