On Mon, Oct 7, 2013 at 12:02 PM, Brian Smith <br...@briansmith.org> wrote: > > If you are referring to something other than the TLS_*_SHA256 cipher > suites, please be more specific as to what you are referring to.
Brian, If you can enable TLS 1.2 by default in Firefox, that should make Mountie happy. Besides the HMAC-SHA256 cipher suites, the AES-GCM cipher suites also make it possible to do TLS without using SHA-1 at all. TLS 1.1 still contains hardcoded use of MD5 and SHA1 in the protocol. Wan-Teh -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
