Skip to content

Commit

Permalink
doc: improve wording surrounding TLS 1.3 ciphers
Browse files Browse the repository at this point in the history
Spelling out numbers makes this part easier to read. Also remove the
unnecessary word 'last'.

PR-URL: #41778
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Mestery <[email protected]>
Reviewed-By: Benjamin Gruenbaum <[email protected]>
Reviewed-By: Nitzan Uziely <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
  • Loading branch information
tniessen authored and ruyadorno committed Feb 8, 2022
1 parent 99e0f14 commit af641bd
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions doc/api/tls.md
Original file line number Diff line number Diff line change
Expand Up @@ -357,15 +357,15 @@ the default configuration. If these clients _must_ be supported, the
[TLS recommendations][] may offer a compatible cipher suite. For more details
on the format, see the OpenSSL [cipher list format][] documentation.

There are only 5 TLSv1.3 cipher suites:
There are only five TLSv1.3 cipher suites:

* `'TLS_AES_256_GCM_SHA384'`
* `'TLS_CHACHA20_POLY1305_SHA256'`
* `'TLS_AES_128_GCM_SHA256'`
* `'TLS_AES_128_CCM_SHA256'`
* `'TLS_AES_128_CCM_8_SHA256'`

The first 3 are enabled by default. The last 2 `CCM`-based suites are supported
The first three are enabled by default. The two `CCM`-based suites are supported
by TLSv1.3 because they may be more performant on constrained systems, but they
are not enabled by default since they offer less security.

Expand Down

0 comments on commit af641bd

Please sign in to comment.