From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A598F223DB798 for ; Fri, 9 Feb 2018 02:06:03 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 83526C001F17; Fri, 9 Feb 2018 10:11:49 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-73.phx2.redhat.com [10.3.116.73]) by smtp.corp.redhat.com (Postfix) with ESMTP id D547E5D965; Fri, 9 Feb 2018 10:11:47 +0000 (UTC) To: "Fu, Siyuan" , "Wu, Jiaxin" , "edk2-devel@lists.01.org" Cc: "Kinney, Michael D" , "Zimmer, Vincent" , "Yao, Jiewen" , "Ye, Ting" References: <1518148778-14300-1-git-send-email-jiaxin.wu@intel.com> From: Laszlo Ersek Message-ID: <835e4fbd-67bc-ad07-45ce-80b1156702a7@redhat.com> Date: Fri, 9 Feb 2018 11:11:46 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.31]); Fri, 09 Feb 2018 10:11:49 +0000 (UTC) Subject: Re: [Patch 0/2] NetworkPkg: Support the platform to configure TLS CipherList. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Feb 2018 10:06:05 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 02/09/18 06:22, Fu, Siyuan wrote: > Hi, Jiaxin > > I think we can remove the "TlsCipherList.h" to another name like > "HttpTlsCipherListVariable.h" to highlight that the variable is only > used for HTTP configuration. And also the variable name and GUID > name. If we are renaming gEfiTlsCaCertificateGuid, can we pick a generic term as new name, something like "gHttpTlsVariableGuid"? And then put both variables, the CA List and the Cipher List, in that (same) namespace GUID? It's not that we'll run out of GUIDs any time soon :) , but I think these variables belong closely together. Thanks, Laszlo >> -----Original Message----- >> From: Wu, Jiaxin >> Sent: Friday, February 9, 2018 12:00 PM >> To: edk2-devel@lists.01.org >> Cc: Laszlo Ersek ; Kinney, Michael D >> ; Zimmer, Vincent ; >> Yao, Jiewen ; Ye, Ting ; Fu, >> Siyuan ; Wu, Jiaxin >> Subject: [Patch 0/2] NetworkPkg: Support the platform to configure TLS >> CipherList. >> >> Cc: Laszlo Ersek >> Cc: Kinney Michael D >> Cc: Zimmer Vincent >> Cc: Yao Jiewen >> Cc: Ye Ting >> Cc: Fu Siyuan >> Contributed-under: TianoCore Contribution Agreement 1.0 >> Signed-off-by: Wu Jiaxin >> >> Jiaxin Wu (2): >> NetworkPkg: Define one private variable for TLS CipherList >> configuration. >> NetworkPkg: Read TlsCipherList variable and configure it for HTTPS >> session. >> >> NetworkPkg/HttpDxe/HttpDriver.h | 3 +- >> NetworkPkg/HttpDxe/HttpDxe.inf | 3 +- >> NetworkPkg/HttpDxe/HttpsSupport.c | 92 >> ++++++++++++++++++++++++++++++++- >> NetworkPkg/Include/Guid/TlsCipherList.h | 38 ++++++++++++++ >> NetworkPkg/NetworkPkg.dec | 3 ++ >> 5 files changed, 136 insertions(+), 3 deletions(-) >> create mode 100644 NetworkPkg/Include/Guid/TlsCipherList.h >> >> -- >> 1.9.5.msysgit.1 >