Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
crypto [2014/03/28 19:00]
mcb30
crypto [2018/03/23 23:31] (current)
mcb30
Line 10: Line 10:
 ^ Public-key algorithms ​   | RSA                        | ^ Public-key algorithms ​   | RSA                        |
 ^ Block cipher algorithms ​ | AES-128-CBC AES-256-CBC ​   | ^ Block cipher algorithms ​ | AES-128-CBC AES-256-CBC ​   |
-^ Hash algorithms ​         | MD5 SHA-1 SHA-256 ​         |+^ Hash algorithms ​         | MD5 SHA-1 SHA-224 ​SHA-256 ​SHA-384 SHA-512 SHA-512/224 SHA-512/​256  ​|
  
 The exact list of supported cipher suites is RSA_WITH_AES_256_CBC_SHA256,​ RSA_WITH_AES_128_CBC_SHA256,​ RSA_WITH_AES_256_CBC_SHA,​ and RSA_WITH_AES_128_CBC_SHA. The exact list of supported cipher suites is RSA_WITH_AES_256_CBC_SHA256,​ RSA_WITH_AES_128_CBC_SHA256,​ RSA_WITH_AES_256_CBC_SHA,​ and RSA_WITH_AES_128_CBC_SHA.
Line 16: Line 16:
 ===== Trusted root certificates ===== ===== Trusted root certificates =====
  
-In the default configuration,​ iPXE trusts only a single root certificate:​ the {{:​certs:​ca.crt|"​iPXE root CA" certificate}}.+In the default configuration,​ iPXE trusts only a single root certificate:​ the {{:​certs:​ca.crt|"​iPXE root CA" certificate}}.  This root certificate is used to cross-sign the standard [[http://​mxr.mozilla.org/​comm-central/​source/​mozilla/​security/​nss/​lib/​ckfw/​builtins/​certdata.txt|Mozilla list of public CA certificates]]. 
 + 
 +In the default configuration,​ iPXE will therefore automatically trust the same set of certificates as the [[https://​www.mozilla.org/​firefox/​|Firefox]] web browser.
  
 If you want more control over the chain of trust, then you can generate your own private root certificate ''​ca.crt''​ using: If you want more control over the chain of trust, then you can generate your own private root certificate ''​ca.crt''​ using:
crypto.1396033208.txt.gz · Last modified: 2014/03/28 19:00 by mcb30
Recent changes RSS feed CC Attribution-Share Alike 4.0 International Driven by DokuWiki
All uses of this content must include an attribution to the iPXE project and the URL http://ipxe.org
References to "iPXE" may not be altered or removed.