summaryrefslogtreecommitdiffstats
path: root/net/ssl/ssl_config.h
diff options
context:
space:
mode:
Diffstat (limited to 'net/ssl/ssl_config.h')
-rw-r--r--net/ssl/ssl_config.h13
1 files changed, 0 insertions, 13 deletions
diff --git a/net/ssl/ssl_config.h b/net/ssl/ssl_config.h
index 0a5a83d..21f4ccc 100644
--- a/net/ssl/ssl_config.h
+++ b/net/ssl/ssl_config.h
@@ -97,19 +97,6 @@ struct NET_EXPORT SSLConfig {
// Presorted list of cipher suites which should be explicitly prevented from
// being used in addition to those disabled by the net built-in policy.
//
- // By default, all cipher suites supported by the underlying SSL
- // implementation will be enabled except for:
- // - Null encryption cipher suites.
- // - Weak cipher suites: < 80 bits of security strength.
- // - FORTEZZA cipher suites (obsolete).
- // - IDEA cipher suites (RFC 5469 explains why).
- // - Anonymous cipher suites.
- // - ECDSA cipher suites on platforms that do not support ECDSA signed
- // certificates, as servers may use the presence of such ciphersuites as a
- // hint to send an ECDSA certificate.
- // The ciphers listed in |disabled_cipher_suites| will be removed in addition
- // to the above list.
- //
// Though cipher suites are sent in TLS as "uint8_t CipherSuite[2]", in
// big-endian form, they should be declared in host byte order, with the
// first uint8_t occupying the most significant byte.
generated by cgit v1.1 at 2025-01-12 10:11:15 +0000