Open L8X opened 2 years ago
[X] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[X] I want to request a feature or enhancement and not ask a question
According to industry standard SSL analysis utility Qualys SSL Labs, an AdGuard Home resolver using the TLS cipher override settings:
(In order)
TLS 1.3 Ciphers: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256
TLS 1.2 Ciphers: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Will be capped at rank A due to missing support for Session Resumption Caching, despite supporting Session Resumption Tickets already.
The cipher override settings used above are to uncap the rank from B due to having two WEAK ranked TLS ciphers in the default cipher config.
Add support for Session Resumption Caching
N/A
bump
L8X
commented
1 year ago L8X
commented
1 year ago
Prerequisites
[X] I have checked the Wiki and Discussions and found no answer
[X] I have searched other issues and found no duplicates
[X] I want to request a feature or enhancement and not ask a question
Description
What problem are you trying to solve?
According to industry standard SSL analysis utility Qualys SSL Labs, an AdGuard Home resolver using the TLS cipher override settings:
(In order)
TLS 1.3 Ciphers: TLS_AES_128_GCM_SHA256, TLS_AES_256_GCM_SHA384, TLS_CHACHA20_POLY1305_SHA256
TLS 1.2 Ciphers:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Will be capped at rank A due to missing support for Session Resumption Caching, despite supporting Session Resumption Tickets already.
The cipher override settings used above are to uncap the rank from B due to having two WEAK ranked TLS ciphers in the default cipher config.
Proposed solution
Add support for Session Resumption Caching
Alternatives considered
N/A
Additional information
N/A