KB Article #179831

How the ciphers order is defined during a transfer between two CFT

Problem

Manager cipher suites

How the ciphers order is defined during a transfer between two CFT

Resolution

CFT prioritizes the cipher suites as displayed in the Order used column in the chapter 'Manager cipher suites'.

It concerns all SSL connections: Passport AM, CG, Sentinel and file transfers.

The user cannot order its preferred cipher suites.

The order is hard-coded for security reason.

Too often the users put the less secured cipher suites first.

The aim is to have a secured product even for less informed users.

The fact that AES-128 comes before AES-256 is due to a compromise between performance and security.

General Information

Published:

23 October 2018

Last Modified:

23 October 2018

Affected OS

win-x86-64

win-x86-32

win-ia64-64

vms-ia64

vms-alpha

uxw-x86-32

tru64-alpha-64

sun-x86-64

sun-x86-32

sun-sparc-64

sun-sparc-32

sco-x86-32

os2200

linux-x86-64

linux-x86-32

linux-s390-64

linux-s390-32

linux-ia64-64

irix-mips-64

hpux-parisc-64

hpux-parisc-32

hpux-ia64-64

hpnonstop-x86-32

hpnonstop-ia64-32

aix-power-64

aix-power-32

Windows 3/95/98

Vse

Vos

Vms Itanium

Vms Alpha

Vms

Utower

UnixWare

Unisys

Ultrix

Ulsx6500

Ulsx5000

U6000

U3000

Tunix

Tru64

TI1500

Spix

Sinix

Sco

Qnx

Os2

OS400

Numa-Q

Netware

Mvs

MS/DOS

Linux z/Series

Linux Station x86

Linux Station Itanium

Guardian Itanium

Guardian

Gcos8

Gcos7

Gcos6

Ctos

Bs2000

Bos

Aviion

...Other

Problem

Resolution

Still need help?