-
random
Holger: hi, on check.messaging.one there's a thing not covered in the FAQs that I don't understand: in the cipher section, what does "" mean?
-
random
Server does not respect client cipher ordering?
-
Ge0rG
random: it means that the server will choose the best cipher from the client's list, instead of the first one.
-
Holger
Both the server and the client advertise a list of supported ciphers. The client might advertise A|B|C and the server C|B|A. The question is whether A or C is chosen.
-
random
I see, can it be solved so the server is the one that decides?
-
random
Any way to force it?
-
Ge0rG
random: that's exactly what the message says.
-
Zash
Ackshhhhually, client advertises, server picks one that is mutually supported. :) </pedantic>
-
Holger
Yes, the recommendation seems to be C, i.e. "don't respect the client's ordering". The assumption seems to be that the server knows more about ciphers than the client.
-
Holger
Zash: Right.
-
Zash
Server may take the client's ordering into consideration, or not.
-
random
Oooh, I understand. So that's not a bad message.
-
Holger
No.
-
Zash
It's just a message.
-
Holger
But yes it's worded in a somewhat negative way :-)
-
Zash
If the client has a terrible ordering then ignoring it is good. If the client has put thought into its ordering then ignoring it is .. less good.
-
random
I understand now, thanks everybody
-
Zash
xnyphs did some research into the ordering of a bunch of clients and they weren't very nice, so having the server prefer its own order seemed like a sensible choice at the time.
-
Zash
That situation may or may not have changed, and probably varies with clients.
-
Zash
I kinda wish TLS APIs had more flexibility than either-or ordering. I think some Google / Chrome people (agl?) looked into that, but I don't think any changes have made it into e.g. OpenSSL.