aes_256_cbc is not secure in TLS Scenes, when will we support GCM/CCM model？

openresty / lua-resty-string

String utilities and common hash functions for ngx_lua and LuaJIT

429 stars 143 forks source link

aes_256_cbc is not secure in TLS Scenes, when will we support GCM/CCM model？ #71

Open terryhy520 opened 4 years ago

terryhy520 commented 4 years ago

AES CBC model is not secure in TLS1.2, and it's unsupported in http2： TLS 1.2 Cipher Suite Black List AES GCM/CCM is considered more secure, is there any plan to support AES GCM? @agentzh