Hi,
This may sound like a stupid questions, but I have not found any clear answers to it.
Could someone explain the ssl_ciphers options in nginx?
For example ''ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256'.
I have read that you should disable RSA due to the ROBOT vulnerability (https://robotattack.org/). Does that mean that I should remove all the ciphers above that contains RSA?
And does for example the cipher 'ECDHE-ECDSA-CHACHA20-POLY1305' mean in which order messages are encrypted?
Thanks for any answers!
This may sound like a stupid questions, but I have not found any clear answers to it.
Could someone explain the ssl_ciphers options in nginx?
For example ''ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256'.
I have read that you should disable RSA due to the ROBOT vulnerability (https://robotattack.org/). Does that mean that I should remove all the ciphers above that contains RSA?
And does for example the cipher 'ECDHE-ECDSA-CHACHA20-POLY1305' mean in which order messages are encrypted?
Thanks for any answers!