Bug 1651760

Summary: Enable 3DES ciphers by default
Product: Red Hat Enterprise Linux 8 Reporter: Hubert Kario <hkario>
Component: nssAssignee: nss-nspr-maint <nss-nspr-maint>
Status: CLOSED CURRENTRELEASE QA Contact: Ondrej Moriš <omoris>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: dueno, hkario, nmavrogi, omoris
Target Milestone: rc   
Target Release: 8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: nss-3.39.0-1.5.el8 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-06-14 00:58:24 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Hubert Kario 2018-11-20 17:28:57 UTC 
Description of problem:
The 3DES ciphers should be enabled in LEGACY mode and we disable in DEFAULT and FUTURE. but for the ciphers to be actually sent we need to have it both enabled by default and part of LEGACY policy.

This is about changing the default for them to be enabled

Version-Release number of selected component (if applicable):
nss-3.38.0-1.0.el8+7

How reproducible:
always

Steps to Reproduce:
1. change system to LEGACY mode
2. run tstclnt, check ClientHello
3.

Actual results:
no 3des ciphers  present

Expected results:
3des ciphers included

Additional info: