Skip to content

Commit cf9b557

Browse files
gilles-peskine-armgilles-peskine-arm
committed
Removed static ECDH
Signed-off-by: Gilles Peskine <[email protected]>
1 parent 3415d2d commit cf9b557

File tree

1 file changed

+31
-0
lines changed

1 file changed

+31
-0
lines changed

docs/4.0-migration-guide/feature-removals.md

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,7 @@ That is, the following key exchange types are no longer supported:
1212
* RSA (i.e. cipher suites using only RSA decryption: cipher suites using RSA signatures remain supported);
1313
* DHE-PSK (except in TLS 1.3);
1414
* DHE-RSA (except in TLS 1.3).
15+
* static ECDH (ECDH-RSA and ECDH-ECDSA, as opposed to ephemeral ECDH (ECDHE) which remains supported).
1516

1617
The full list of removed cipher suites is:
1718

@@ -59,6 +60,36 @@ TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA
5960
TLS-DHE-RSA-WITH-CAMELLIA-256-CBC-SHA256
6061
TLS-DHE-RSA-WITH-CAMELLIA-256-GCM-SHA384
6162
TLS-DHE-RSA-WITH-CHACHA20-POLY1305-SHA256
63+
TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA
64+
TLS-ECDH-ECDSA-WITH-AES-128-CBC-SHA256
65+
TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256
66+
TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA
67+
TLS-ECDH-ECDSA-WITH-AES-256-CBC-SHA384
68+
TLS-ECDH-ECDSA-WITH-AES-256-GCM-SHA384
69+
TLS-ECDH-ECDSA-WITH-ARIA-128-CBC-SHA256
70+
TLS-ECDH-ECDSA-WITH-ARIA-128-GCM-SHA256
71+
TLS-ECDH-ECDSA-WITH-ARIA-256-CBC-SHA384
72+
TLS-ECDH-ECDSA-WITH-ARIA-256-GCM-SHA384
73+
TLS-ECDH-ECDSA-WITH-CAMELLIA-128-CBC-SHA256
74+
TLS-ECDH-ECDSA-WITH-CAMELLIA-128-GCM-SHA256
75+
TLS-ECDH-ECDSA-WITH-CAMELLIA-256-CBC-SHA384
76+
TLS-ECDH-ECDSA-WITH-CAMELLIA-256-GCM-SHA384
77+
TLS-ECDH-ECDSA-WITH-NULL-SHA
78+
TLS-ECDH-RSA-WITH-AES-128-CBC-SHA
79+
TLS-ECDH-RSA-WITH-AES-128-CBC-SHA256
80+
TLS-ECDH-RSA-WITH-AES-128-GCM-SHA256
81+
TLS-ECDH-RSA-WITH-AES-256-CBC-SHA
82+
TLS-ECDH-RSA-WITH-AES-256-CBC-SHA384
83+
TLS-ECDH-RSA-WITH-AES-256-GCM-SHA384
84+
TLS-ECDH-RSA-WITH-ARIA-128-CBC-SHA256
85+
TLS-ECDH-RSA-WITH-ARIA-128-GCM-SHA256
86+
TLS-ECDH-RSA-WITH-ARIA-256-CBC-SHA384
87+
TLS-ECDH-RSA-WITH-ARIA-256-GCM-SHA384
88+
TLS-ECDH-RSA-WITH-CAMELLIA-128-CBC-SHA256
89+
TLS-ECDH-RSA-WITH-CAMELLIA-128-GCM-SHA256
90+
TLS-ECDH-RSA-WITH-CAMELLIA-256-CBC-SHA384
91+
TLS-ECDH-RSA-WITH-CAMELLIA-256-GCM-SHA384
92+
TLS-ECDH-RSA-WITH-NULL-SHA
6293
TLS-RSA-PSK-WITH-AES-128-CBC-SHA
6394
TLS-RSA-PSK-WITH-AES-128-CBC-SHA256
6495
TLS-RSA-PSK-WITH-AES-128-GCM-SHA256

0 commit comments

Comments
 (0)