Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(698)

Unified Diff: net/ssl/ssl_config.h

Issue 1769393002: Enable AES_256_GCM ciphers. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 4 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | no next file » | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/ssl/ssl_config.h
diff --git a/net/ssl/ssl_config.h b/net/ssl/ssl_config.h
index 0a5a83d803357ef7bf7ad681257182e42793df0e..21f4cccbdf831b50f53ddf7a05a0d88804678714 100644
--- a/net/ssl/ssl_config.h
+++ b/net/ssl/ssl_config.h
@@ -97,19 +97,6 @@ struct NET_EXPORT SSLConfig {
// Presorted list of cipher suites which should be explicitly prevented from
// being used in addition to those disabled by the net built-in policy.
//
- // By default, all cipher suites supported by the underlying SSL
- // implementation will be enabled except for:
davidben 2016/03/08 01:42:16 This comment isn't terribly meaningful anymore sin
- // - Null encryption cipher suites.
- // - Weak cipher suites: < 80 bits of security strength.
- // - FORTEZZA cipher suites (obsolete).
- // - IDEA cipher suites (RFC 5469 explains why).
- // - Anonymous cipher suites.
- // - ECDSA cipher suites on platforms that do not support ECDSA signed
- // certificates, as servers may use the presence of such ciphersuites as a
- // hint to send an ECDSA certificate.
- // The ciphers listed in |disabled_cipher_suites| will be removed in addition
- // to the above list.
- //
// Though cipher suites are sent in TLS as "uint8_t CipherSuite[2]", in
// big-endian form, they should be declared in host byte order, with the
// first uint8_t occupying the most significant byte.
« no previous file with comments | « net/socket/ssl_client_socket_openssl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698