Brian Quinlan
Brian Quinlan
For my own reference: https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
This would be symmetrical with the Python [`SSLContext.set_ciphers` method](https://docs.python.org/3/library/ssl.html#ssl.SSLContext.set_ciphers).
Hey @sergio-a-martinez-mdt, Can you explain your use case a bit more? Do you control the server that you are communicating with? If so, can you enforce the cipher suite there?...
Hey @sergio-a-martinez-mdt , I still don't understand your use case. For your particular use case, do you control the server? We use BoringSSL, which only supports three TLS 1.3 ciphers...
I think that the list of ciphers is found in the source here: https://boringssl.googlesource.com/boringssl/+/refs/heads/master/ssl/ssl_cipher.cc > * How is BoringSSL updated? Is it embedded in Dart? We periodically sync BoringSSL through...
If we make it possible to set the minimum TLS version then `SSL_CTX_set_cipher_list` would not be necessary, right? Because that function does not affect the TLS 1.3 cipher list.
@sergio-a-martinez-mdt Would controlling the minimum TLS version be sufficient for you?
Could you just not support TLS 1.2?
> That decision would be outside of the scope of this thread. I think that we are trying to work towards a solution that would be acceptable to you, so...
> hi @brianquinlan , I'm circling back on this request. I wanted to check/confirm if Dart team decided to support setting the TLS version? Hi @sergio-a-martinez-mdt We haven't made an...