Meekro|9 months ago
If you've never used a TLS library such as Go's crypto/tls, that's understandable-- this is stuff most programmers never need to think about. Fortunately TLS does work pretty well: both sides of an encrypted connection will auto-negotiate and pick the strongest cipher that they both support.
TLS libraries do drop old, weak ciphers from time to time. But thanks to auto-negotiating, this will only be a problem if your TLS lib is so out-of-date that it doesn't support any still-trusted alternatives.
Which brings me back to why this story is so strange: "Gmail upgrades TLS library, drops old insecure algorithm that OpenSSL had dropped almost 10 years ago."
zzq1015|9 months ago
I always customize TLS versions and cipher suites because I don't trust the defaults.
AFAIK you can customize them on:
- Chrome & Firefox (can only enable/disable ciphers, no reordering, PQ ciphers supported since 2024)
- OpenSSL (by customizing openssl.cnf, PQ ciphers supported since 3.5)
- curl
- nginx/apache
- OpenSSH (I enabled PQ ciphers too)
- Multiple programming libraries
- and others...
Also, clients and servers don't "pick the strongest cipher that they both support". Servers select the cipher ultimately, and they can be misconfigured to pick, for example, 3DES over AES.