Home > Developer > Web Develop

HTTP2 Password Group blacklist

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

As can be seen, this blacklist, mainly depends on the symmetric encryption algorithm;

Using a symmetric encryption algorithm that is not secure enough, even with the "ECDHE_ECDSA" Exchange key and authentication, it is blacklisted.

Here, the symmetric cryptographic algorithms that are not secure are: DES, RC2, RC4, 3DES, Idea, AES (256 or less), Aria, and Camellia.

Here are all the HTTP2 cipher group blacklists (from RFC7540):

Tls_null_with_null_null
Tls_empty_renegotiation_info_scsv

Tls_krb5_export_with_des_cbc_40_md5
Tls_krb5_export_with_des_cbc_40_sha
Tls_krb5_export_with_rc2_cbc_ 40_MD5
Tls_krb5_export_with_rc2_cbc_40_sha
tls_krb5_export_with_rc4_40_md5
tls_krb5_export_with_rc4_ 40_sha
Tls_krb5_with_3des_ede_cbc_md5
Tls_krb5_with_3des_ede_cbc_sha
tls_krb5_with_des_cbc_md5
TLS _krb5_with_des_cbc_sha
Tls_krb5_with_idea_cbc_md5
Tls_krb5_with_idea_cbc_sha
tls_krb5_with_rc4_128_ MD5
Tls_krb5_with_rc4_128_sha

Tls_psk_with_null_sha
tls_psk_with_null_sha256
tls_psk_with_null_sha384
Tls_psk_with_rc4_128_sha
Tls_psk_with_3des_ede_cbc_sha
Tls_psk_with_aes_128_cbc_sha
tls_psk_with_aes_128_cbc_sha256
TLS_ PSK_WITH_AES_128_CCM
Tls_psk_with_aes_128_ccm_8
tls_psk_with_aes_128_gcm_sha256
TLS_PSK_WITH_AES_256_ Cbc_sha
tls_psk_with_aes_256_cbc_sha384
tls_psk_with_aes_256_ccm
Tls_psk_with_aes_256_ccm_8
TLS_ psk_with_aes_256_gcm_sha384
tls_psk_with_aria_128_cbc_sha256
tls_psk_with_aria_128_gcm_sha256
TLS_PSK _with_aria_256_cbc_sha384
tls_psk_with_aria_256_gcm_sha384
tls_psk_with_camellia_128_cbc_sha256
TLS_ psk_with_camellia_128_gcm_sha256
tls_psk_with_camellia_256_cbc_sha384
Tls_psk_with_camellia_256_gcm_ SHA384

Tls_srp_sha_with_3des_ede_cbc_sha
Tls_srp_sha_with_aes_128_cbc_sha
Tls_srp_sha_with_aes_256_cbc_sha
Tls_srp_sha_dss_with_3des_ede_cbc_sha
Tls_srp_sha_dss_with_aes_128_cbc_sha
Tls_srp_sha_dss_with_aes_256_cbc_sha
Tls_srp_sha_rsa_with_3des_ede_cbc_sha
Tls_srp_sha_rsa_with_aes_128_cbc_sha
Tls_srp_sha_rsa_with_aes_256_cbc_sha

Tls_rsa_export_with_rc2_cbc_40_md5
Tls_rsa_export_with_rc4_40_md5
Tls_rsa_export_with_des40_cbc_sha

Tls_rsa_psk_with_null_sha
tls_rsa_psk_with_null_sha256
tls_rsa_psk_with_null_sha384
TLS_RSA_PSK_ With_rc4_128_sha
Tls_rsa_psk_with_3des_ede_cbc_sha
Tls_rsa_psk_with_aes_128_cbc_sha
TLS_RSA_PSK_WITH_ aes_128_cbc_sha256
tls_rsa_psk_with_aes_128_gcm_sha256
Tls_rsa_psk_with_aes_256_cbc_sha
TLS_RSA_PSK_ with_aes_256_cbc_sha384
tls_rsa_psk_with_aes_256_gcm_sha384
tls_rsa_psk_with_aria_128_cbc_sha256
TLS_ rsa_psk_with_aria_128_gcm_sha256
tls_rsa_psk_with_aria_256_cbc_sha384
Tls_rsa_psk_with_aria_256_gcm_ SHA384
tls_rsa_psk_with_camellia_128_cbc_sha256
tls_rsa_psk_with_camellia_128_gcm_sha256
TLS_RSA_PSK_ with_camellia_256_cbc_sha384
tls_rsa_psk_with_camellia_256_gcm_sha384

Tls_rsa_with_null_md5
Tls_rsa_with_null_sha
tls_rsa_with_null_sha256
Tls_rsa_with_rc4_128_md5
Tls_rsa_with_rc4_128_sha
Tls_rsa_with_seed_cbc_sha
Tls_rsa_with_3des_ede_cbc_sha
TLS_RSA_WITH_AES_128 _cbc_sha
tls_rsa_with_aes_128_cbc_sha256
tls_rsa_with_aes_128_ccm
Tls_rsa_with_aes_128_ccm_8
TLS_ rsa_with_aes_128_gcm_sha256
Tls_rsa_with_aes_256_cbc_sha
tls_rsa_with_aes_256_cbc_sha256
TLS_RSA_WITH _AES_256_CCM
Tls_rsa_with_aes_256_ccm_8
tls_rsa_with_aes_256_gcm_sha384
Tls_rsa_with_aria_128_cbc_ SHA256
tls_rsa_with_aria_128_gcm_sha256
tls_rsa_with_aria_256_cbc_sha384
Tls_rsa_with_aria_256_gcm_ SHA384
Tls_rsa_with_camellia_128_cbc_sha
tls_rsa_with_camellia_128_cbc_sha256
Tls_rsa_with_camellia_ 128_gcm_sha256
Tls_rsa_with_camellia_256_cbc_sha
tls_rsa_with_camellia_256_cbc_sha256
TLS_RSA_WITH_ camellia_256_gcm_sha384
Tls_rsa_with_des_cbc_sha
Tls_rsa_with_idea_cbc_sha

Tls_dh_anon_export_with_des40_cbc_sha
Tls_dh_anon_export_with_rc4_40_md5
Tls_dh_anon_with_des_cbc_sha
Tls_dh_anon_with_rc4_128_md5
Tls_dh_anon_with_seed_cbc_sha
Tls_dh_anon_with_3des_ede_cbc_sha
TLS_ Dh_anon_with_aes_128_cbc_sha
tls_dh_anon_with_aes_128_cbc_sha256
tls_dh_anon_with_aes_128_gcm_sha256
Tls_dh_anon_with_aes_256_cbc_sha
tls_dh_anon_with_aes_256_cbc_sha256
tls_dh_anon_with_aes_256_gcm_sha384
tls_dh_anon_with_aria_128_cbc_sha256
tls_dh_anon_with_aria_128_gcm_sha256
tls_dh_anon_with_aria_256_ cbc_sha384
tls_dh_anon_with_aria_256_gcm_sha384
Tls_dh_anon_with_camellia_128_cbc_sha
TLS_DH_anon_ with_camellia_128_cbc_sha256
tls_dh_anon_with_camellia_128_gcm_sha256
Tls_dh_anon_with_camellia_256_cbc_ SHA
tls_dh_anon_with_camellia_256_cbc_sha256
tls_dh_anon_with_camellia_256_gcm_sha384

Tls_dh_dss_with_des_cbc_sha
Tls_dh_dss_with_seed_cbc_sha
Tls_dh_dss_export_with_des40_cbc_sha
TLS_ Dh_dss_with_3des_ede_cbc_sha
Tls_dh_dss_with_aes_128_cbc_sha
tls_dh_dss_with_aes_128_cbc_sha256
TLS_ dh_dss_with_aes_128_gcm_sha256
Tls_dh_dss_with_aes_256_cbc_sha
tls_dh_dss_with_aes_256_cbc_sha256
TLS _dh_dss_with_aes_256_gcm_sha384
tls_dh_dss_with_aria_128_cbc_sha256
tls_dh_dss_with_aria_128_gcm_sha256
tls_dh_dss_with_aria_256_cbc_sha384
tls_dh_dss_with_aria_256_gcm_sha384
tls_dh_dss_with_camellia_128 _cbc_sha
tls_dh_dss_with_camellia_128_cbc_sha256
tls_dh_dss_with_camellia_128_gcm_sha256
TLS_DH_DSS_ With_camellia_256_cbc_sha
tls_dh_dss_with_camellia_256_cbc_sha256
Tls_dh_dss_with_camellia_256_gcm_ SHA384

Tls_dh_rsa_export_with_des40_cbc_sha
Tls_dh_rsa_with_des_cbc_sha
Tls_dh_rsa_with_seed_cbc_sha
TLS_ Dh_rsa_with_3des_ede_cbc_sha
Tls_dh_rsa_with_aes_128_cbc_sha
tls_dh_rsa_with_aes_128_cbc_sha256
TLS_ dh_rsa_with_aes_128_gcm_sha256
Tls_dh_rsa_with_aes_256_cbc_sha
tls_dh_rsa_with_aes_256_cbc_sha256
TLS _dh_rsa_with_aes_256_gcm_sha384
tls_dh_rsa_with_aria_128_cbc_sha256
tls_dh_rsa_with_aria_128_gcm_sha256
tls_dh_rsa_with_aria_256_cbc_sha384
tls_dh_rsa_with_aria_256_gcm_sha384
tls_dh_rsa_with_camellia_128 _cbc_sha
tls_dh_rsa_with_camellia_128_cbc_sha256
tls_dh_rsa_with_camellia_128_gcm_sha256
TLS_DH_RSA_ With_camellia_256_cbc_sha
tls_dh_rsa_with_camellia_256_cbc_sha256
Tls_dh_rsa_with_camellia_256_gcm_ SHA384

Tls_dhe_dss_export_with_des40_cbc_sha
Tls_dhe_dss_with_des_cbc_sha
Tls_dhe_dss_with_seed_cbc_sha
Tls_dhe_dss_with_3des_ede_cbc_sha
Tls_dhe_dss_with_aes_128_cbc_sha
tls_dhe_dss_with_aes_128_cbc_sha256
Tls_dhe_dss_with_aes_256_cbc_sha
tls_dhe_dss_with_aes_256_cbc_sha256
Tls_dhe_dss_with_aria_128_cbc_ SHA256
tls_dhe_dss_with_aria_256_cbc_sha384
Tls_dhe_dss_with_camellia_128_cbc_sha
Tls_dhe_dss_with_ camellia_128_cbc_sha256
Tls_dhe_dss_with_camellia_256_cbc_sha
tls_dhe_dss_with_camellia_256_cbc_sha256

Tls_dhe_psk_with_null_sha
tls_dhe_psk_with_null_sha256
tls_dhe_psk_with_null_sha384
TLS_DHE_PSK_ With_rc4_128_sha
Tls_dhe_psk_with_3des_ede_cbc_sha
Tls_dhe_psk_with_aes_128_cbc_sha
TLS_DHE_PSK_WITH_ aes_128_cbc_sha256
Tls_dhe_psk_with_aes_256_cbc_sha
tls_dhe_psk_with_aes_256_cbc_sha384
TLS_DHE_PSK_ with_aria_128_cbc_sha256
tls_dhe_psk_with_aria_256_cbc_sha384
tls_dhe_psk_with_camellia_128_cbc_sha256
tls_dhe_psk_with_camellia_256_cbc_sha384

Tls_dhe_rsa_export_with_des40_cbc_sha
Tls_dhe_rsa_with_des_cbc_sha
Tls_dhe_rsa_with_seed_cbc_sha
Tls_dhe_rsa_with_3des_ede_cbc_sha
Tls_dhe_rsa_with_aes_128_cbc_sha
tls_dhe_rsa_with_aes_128_cbc_sha256
Tls_dhe_rsa_with_aes_256_cbc_sha
tls_dhe_rsa_with_aes_256_cbc_sha256
tls_dhe_rsa_with_aria_128_cbc_sha256
tls_dhe_rsa_with_aria_256_cbc_sha384
Tls_dhe_rsa_with_camellia_128_cbc_sha
tls_dhe_rsa_with_camellia_128_cbc_sha256
Tls_dhe_rsa_with_camellia_256_cbc_sha
tls_dhe_rsa_with_camellia_256_cbc_sha256

Tls_ecdh_anon_with_null_sha
Tls_ecdh_anon_with_rc4_128_sha
Tls_ecdh_anon_with_3des_ede_cbc_sha
Tls_ecdh_anon_with_aes_128_cbc_sha
Tls_ecdh_anon_with_aes_256_cbc_sha

Tls_ecdh_rsa_with_null_sha
Tls_ecdh_rsa_with_rc4_128_sha
Tls_ecdh_rsa_with_3des_ede_cbc_sha
TLS_ Ecdh_rsa_with_aes_128_cbc_sha
tls_ecdh_rsa_with_aes_128_cbc_sha256
tls_ecdh_rsa_with_aes_128_gcm_sha256
Tls_ecdh_rsa_with_aes_256_cbc_sha
tls_ecdh_rsa_with_aes_256_cbc_sha384
TLS_ECDH_RSA_WITH_AES_256_GCM _sha384
tls_ecdh_rsa_with_aria_128_cbc_sha256
tls_ecdh_rsa_with_aria_128_gcm_sha256
TLS_ECDH_RSA_WITH _aria_256_cbc_sha384
tls_ecdh_rsa_with_aria_256_gcm_sha384
tls_ecdh_rsa_with_camellia_128_cbc_sha256
tls_ecdh_rsa_with_camellia_128_gcm_sha256
tls_ecdh_rsa_with_camellia_256_cbc_sha384
TLS_ECDH_RSA_WITH_ camellia_256_gcm_sha384

Tls_ecdh_ecdsa_with_null_sha
Tls_ecdh_ecdsa_with_rc4_128_sha
Tls_ecdh_ecdsa_with_3des_ede_cbc_sha
Tls_ecdh_ecdsa_with_aes_128_cbc_sha
tls_ecdh_ecdsa_with_aes_128_cbc_sha256
tls_ecdh_ecdsa_with_aes_128_ gcm_sha256
Tls_ecdh_ecdsa_with_aes_256_cbc_sha
tls_ecdh_ecdsa_with_aes_256_cbc_sha384
TLS_ECDH_ECDSA_ with_aes_256_gcm_sha384
tls_ecdh_ecdsa_with_aria_128_cbc_sha256
tls_ecdh_ecdsa_with_aria_128_gcm_sha256
tls_ecdh_ecdsa_with_aria_256_cbc_sha384
tls_ecdh_ecdsa_with_aria_256_gcm_sha384
TLS_ECDH_ECDSA_WITH_ camellia_128_cbc_sha256
tls_ecdh_ecdsa_with_camellia_128_gcm_sha256
TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC _sha384
tls_ecdh_ecdsa_with_camellia_256_gcm_sha384

tls_ecdhe_psk_with_null_sha256
tls_ecdhe_psk_with_null_sha384
Tls_ecdhe_psk_with_rc4_128_sha
Tls_ecdhe_psk_with_3des_ede_cbc_sha
Tls_ecdhe_psk_with_aes_128_cbc_sha
tls_ecdhe_psk_with_aes_128_cbc_sha256
Tls_ecdhe_psk_with_aes_256_cbc_sha
tls_ecdhe_psk_with_aes_256_cbc_sha384
tls_ecdhe_psk_with_aria_128_cbc_sha256
tls_ecdhe_psk_with_aria_256_cbc_sha384
tls_ecdhe_psk_with_camellia_128_cbc_sha256
tls_ecdhe_psk_with_camellia_256_cbc_sha384

Tls_ecdhe_rsa_with_null_sha
Tls_ecdhe_rsa_with_rc4_128_sha
Tls_ecdhe_rsa_with_3des_ede_cbc_sha
Tls_ecdhe_rsa_with_aes_128_cbc_sha
tls_ecdhe_rsa_with_aes_128_cbc_sha256
Tls_ecdhe_rsa_with_aes_256_cbc_sha
tls_ecdhe_rsa_with_aes_256_cbc_sha384
tls_ecdhe_rsa_with_aria_128_cbc_sha256
tls_ecdhe_rsa_with_aria_256_cbc_sha384
tls_ecdhe_rsa_with_camellia_128_cbc_sha256
tls_ecdhe_rsa_with_camellia_256_cbc_sha384

Tls_ecdhe_ecdsa_with_null_sha
Tls_ecdhe_ecdsa_with_rc4_128_sha
Tls_ecdhe_ecdsa_with_3des_ede_cbc_sha
Tls_ecdhe_ecdsa_with_aes_128_cbc_sha
tls_ecdhe_ecdsa_with_aes_128_cbc_sha256
Tls_ecdhe_ecdsa_with_aes_256_cbc_sha
tls_ecdhe_ecdsa_with_aes_256_cbc_sha384
tls_ecdhe_ecdsa_with_aria_128_cbc_sha256
tls_ecdhe_ecdsa_with_aria_256_cbc_sha384
tls_ecdhe_ecdsa_with_camellia_128_cbc_sha256
tls_ecdhe_ecdsa_with_camellia_256_cbc_sha384

HTTP2 Password Group blacklist

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
group policy password complexity windows group policy password complexity http2 rfc curl http2 php http2 change group policy password complexity server 2012 curl http2 example

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More