EnDe
commented
3 months ago Description of ranges for --cipherrange=RANGE have been updated in help.txt, see o-saft.pl --help=options.
Thanks.
Open kylak opened 3 months ago
EnDe
commented
3 months ago Description of ranges for --cipherrange=RANGE have been updated in help.txt, see o-saft.pl --help=options.
Thanks.
kylak
commented
3 months ago Sorry, it doesn't answer the questions a, c, d, and e.
EnDe
commented
3 months ago Sorry, a, and d. see the documentation. According c.: huge and safe are just a ranges. According e. "rfc": definition of the range is a bit lazy, as it also includes some unassigned cipher constants, updated in help.txt
kylak
commented
3 months ago Ok, thanks, I didn't realize the "recommended" for the iana. So I presume that the 'rfc' range contains (at least) all the iana and rfc cipher suites, right ?
Hello.
I have several questions concerning the cipher suites ranges (I didn't find answers in the doc) :
a. why the iana range contains only 24 cipher suites since on the iana website they have more than 300 cipher suites. b. why the "TLSv10" and "TLSv11" ranges have no cipher suites ? c. to what meaning correspond the ranges "huge" and "safe" ? d. could you explain the meaning of "some shifted by 64 bytes to the right" ("shifted" range) ? e. the "rfc" range gives 2064 cipher suites which seems a lot since for example rustls has no more than 400 cipher suites taken from the various RFCs covering TLS, so where does the rfc range find its 2064 cipher suites?
Regards.