<div dir="ltr">Hi Aaron,<br><div class="gmail_extra"><br><div class="gmail_quote">2014-04-25 16:39 GMT+02:00 Aaron Zauner <span dir="ltr"><<a href="mailto:azet@azet.org" target="_blank">azet@azet.org</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Torsten Gigler wrote:<br>
> Hi<br>
> Remarks:<br>
> - I changed the order of the ciphers (= Priority of the ciphers a server<br>
> chooses, if 'Server Order' is set),<br>
> - excluded '0x00,0x33 - DHE-RSA-AES128-SHA' to protect aginst a possible<br>
> incompatibility for JAVA6+7 & DH-Keys >1024bits<br>
> - added '0x00,0x9D - AES256-GCM-SHA384' and '0x00,0x9C -<br>
> AES128-GCM-SHA256' (is there any reason why they weren't included before?<br>
Ah didnt see that.<br>
<br>
What is the issue with JAva and AES128? Shouldn't that be the same issue<br>
with AES256?<span class=""><font color="#888888"><br></font></span></blockquote><div>0x00,0x39 - DHE-RSA-AES256-SHA is not supported by them, so they can't have issues with it ;-)<br><a href="https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=6u45">https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=6u45</a><br>
<a href="https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=7u25">https://www.ssllabs.com/ssltest/viewClient.html?name=Java&version=7u25</a><br><br></div><div>Kind regards<br></div><div>Torsten</div>
<div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span class=""><font color="#888888">
Aaron<br>
<br>
</font></span></blockquote></div><br></div></div>