From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiaxin.wu@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.65; helo=mga03.intel.com;
 envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 34ED02232BDFE
 for <edk2-devel@lists.01.org>; Fri, 19 Jan 2018 22:13:13 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga003.jf.intel.com ([10.7.209.27])
 by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 19 Jan 2018 22:18:36 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,383,1511856000"; d="scan'208";a="20892686"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by orsmga003.jf.intel.com with ESMTP; 19 Jan 2018 22:18:36 -0800
Received: from FMSMSX110.amr.corp.intel.com (10.18.116.10) by
 FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Fri, 19 Jan 2018 22:18:35 -0800
Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by
 fmsmsx110.amr.corp.intel.com (10.18.116.10) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Fri, 19 Jan 2018 22:18:35 -0800
Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.213]) by
 SHSMSX152.ccr.corp.intel.com ([169.254.6.93]) with mapi id 14.03.0319.002;
 Sat, 20 Jan 2018 14:18:33 +0800
From: "Wu, Jiaxin" <jiaxin.wu@intel.com>
To: Laszlo Ersek <lersek@redhat.com>, "Fu, Siyuan" <siyuan.fu@intel.com>,
 "Ye, Ting" <ting.ye@intel.com>, "Long, Qin" <qin.long@intel.com>, "Hsiung,
 Harry L" <harry.l.hsiung@intel.com>
CC: edk2-devel-01 <edk2-devel@lists.01.org>
Thread-Topic: setting the TLS cipher list for HTTPS booting
Thread-Index: AQHTkTKC7SSIQqPfwE6mEzdxVropQKN8Nf+g
Date: Sat, 20 Jan 2018 06:18:33 +0000
Message-ID: <895558F6EA4E3B41AC93A00D163B72741635E571@SHSMSX103.ccr.corp.intel.com>
References: <5307d880-d016-ad91-04f5-6b83eb40f905@redhat.com>
In-Reply-To: <5307d880-d016-ad91-04f5-6b83eb40f905@redhat.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYzQ5Nzc0YjktZDlhNy00YWUwLWE2NTAtZWM2OTc0NmRmNTBmIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE2LjUuOS4zIiwiVHJ1c3RlZExhYmVsSGFzaCI6Im4xV2F2UDM2TXBTVWNHY2w4WXlNOGNjUVY1XC93TGc1Wkpxekd1ZDNGUVMwPSJ9
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.0.116
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: setting the TLS cipher list for HTTPS booting
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Jan 2018 06:13:13 -0000
Content-Language: en-US
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64

PiANCj4gSGVsbG8gSmlheGluLCBTaXl1YW4sDQo+IA0KPiBpdCBzZWVtcyB0aGF0IHRoZSAicHJl
ZmVycmVkIHNldCBvZiBjaXBoZXJzIiBjYW4gYmUgY29udHJvbGxlZCBhdCB0aGUNCj4gVExTIHNl
c3Npb24gbGV2ZWwuDQoNCg0KSmlheGluOiBZZXMsIFRMUyBDaXBoZXJMaXN0IGNhbiBiZSBjb25m
aWd1cmVkIGJ5IFRMUyBwcm90b2NvbC4gIA0KDQoNCj4gDQo+IFdpdGggcmVnYXJkIHRvIEhUVFBT
IGJvb3RpbmcsICJOZXR3b3JrUGtnL0h0dHBEeGUiIG1ha2VzIHNldmVyYWwgY2FsbHMNCj4gdG8g
RUZJX1RMU19QUk9UT0NPTC5TZXRTZXNzaW9uRGF0YSgpIC0tIGluIHRoZSBmaWxlDQo+ICJOZXR3
b3JrUGtnL0h0dHBEeGUvSHR0cHNTdXBwb3J0LmMiLCAtLSBidXQgaXQgbmV2ZXIgcGFzc2VzDQo+
ICJFZmlUbHNDaXBoZXJMaXN0IiBhcyBhcmd1bWVudCBmb3IgdGhlICJEYXRhVHlwZSIgcGFyYW1l
dGVyLg0KPiANCg0KDQpKaWF4aW46IENvcnJlY3QsIGN1cnJlbnRseSwgSHR0cER4ZSBhcyBhIFRM
UyBwcm90b2NvbCBjb25zdW1lciBkb2Vzbid0IHNldCB0aGUgaXRzIG93biBwcmVmZXJyZWQgQ2lw
aGVyTGlzdCBiZWNhdXNlIGl0IHByZWZlcnMgdG8gdXNlIHRoZSBkZWZhdWx0IENpcGhlckxpc3Qs
IHdoaWNoIGhhcyBiZWVuIGNvbmZpZ3VyZWQgYnkgVExTIGRyaXZlciBieSBkZWZhdWx0LiBUaGUg
VExTIGRlZmF1bHQgc2V0dGluZyB3YXMgaGFwcGVuZWQgZHVyaW5nIHRoZSBjcmVhdGlvbiAgb2Yg
bmV3IE9wZW5TU0wgU1NMX0NUWCBvYmplY3QuIFRoZSBmbG93IHBhdGggaXMgc2hvd24gYXMgYmVs
b3c6IA0KVGxzQ3R4TmV3IC0+IFNTTF9DVFhfbmV3IC0+IHNzbF9jcmVhdGVfY2lwaGVyX2xpc3Qu
IA0KU28sIHRoZSBkZWZhdWx0IENpcGhlckxpc3QgaXM6DQogIyBkZWZpbmUgU1NMX0RFRkFVTFRf
Q0lQSEVSX0xJU1QgIkFMTDohQ09NUExFTUVOVE9GREVGQVVMVDohZU5VTEwiDQoNCg0KPiBJcyB0
aGVyZSBhIHdheSBmb3IgcGxhdGZvcm0gY29kZSB0byBjb250cm9sIHRoZSBsaXN0IG9mIGNpcGhl
cnM/DQoNCg0KSmlheGluOiBDdXJyZW50bHksIG5vdCBzdXBwb3J0IHlldC4NCg0KDQo+IA0KPiBU
aGlzIGlzIGRpZmZlcmVudCBmcm9tIG90aGVyICJnbG9iYWwiIFRMUyBhc3BlY3RzLCBzdWNoIGFz
DQo+IEVGSV9UTFNfQ09ORklHVVJBVElPTl9QUk9UT0NPTCwgYmVjYXVzZSB0aGUgbGF0dGVyIGlz
IGEgc2luZ2xldG9uDQo+ICJzZXJ2aWNlIiBwcm90b2NvbCwgd2hpbGUgRUZJX1RMU19QUk9UT0NP
TCBpbnN0YW5jZXMgYXJlIGNyZWF0ZWQgYnkNCj4gY2xpZW50cyBhcy1uZWVkZWQsIHZpYSBUTFMg
c2VydmljZSBiaW5kaW5nLiBTbywgSSB0aGluayBpZiBhIHBsYXRmb3JtDQo+IHdhbnRlZCB0byBj
b250cm9sIHRoaXMgb24gdGhlIHNlc3Npb24gbGV2ZWwsIHRoZW4gaXQgd291bGQgaGF2ZSB0byAi
YXNrIg0KPiBIdHRwRHhlIHNvbWVob3cuDQo+IA0KDQoNCkppYXhpbjogRUZJX1RMU19DT05GSUdV
UkFUSU9OX1BST1RPQ09MIHByb3ZpZGVzIHRoZSBjYXBhYmlsaXR5IHRvIHNldCB0aGUgY2xpZW50
IGNlcnRpZmljYXRlL2tleSBwYWlycywgZGlmZmVyZW50IGNsaWVudHMgbWF5IHVzZSB0aGUgZGlm
ZmVyZW50IGNlcnRpZmljYXRlL2tleSBQYXJpcyAoc28gZG9lcyBPcGVuU1NMKS4gQmFzZWQgb24g
dGhpcywgaXQncyBub3QgYSBzaW5nbGV0b24gInNlcnZpY2UiIHByb3RvY29sLiBTbywgaW4gVGxz
RHhlIGRyaXZlciwgd2UgYmluZCBpdCB0byB0aGUgc2FtZSBDaGlsZEhhbmRsZSBhcyBUTFMgcHJv
dG9jb2wuDQogIFN0YXR1cyA9IGdCUy0+SW5zdGFsbE11bHRpcGxlUHJvdG9jb2xJbnRlcmZhY2Vz
ICgNCiAgICAgICAgICAgICAgICAgIENoaWxkSGFuZGxlLA0KICAgICAgICAgICAgICAgICAgJmdF
ZmlUbHNQcm90b2NvbEd1aWQsDQogICAgICAgICAgICAgICAgICAmVGxzSW5zdGFuY2UtPlRscywN
CiAgICAgICAgICAgICAgICAgICZnRWZpVGxzQ29uZmlndXJhdGlvblByb3RvY29sR3VpZCwNCiAg
ICAgICAgICAgICAgICAgICZUbHNJbnN0YW5jZS0+VGxzQ29uZmlnLA0KICAgICAgICAgICAgICAg
ICAgTlVMTA0KICAgICAgICAgICAgICAgICAgKTsNCkJ1dCBhYm92ZSBpbXBsZW1lbnRhdGlvbiBh
bHNvIGRvZXNuJ3QgcHJldmVudCBhbGwgdGhlIGNsaWVudHMgdXNlIHRoZSBzYW1lIGNlcnRpZmlj
YXRlL2tleSBQYXJpcyBzaW5jZSB0aGV5IGNhbiB1c2UgaXRzIG93biBFRklfVExTX0NPTkZJR1VS
QVRJT05fUFJPVE9DT0wgdG8gY29uZmlndXJlIHRoZSBzYW1lICJnbG9iYWwiIGNlcnRpZmljYXRl
L2tleSBwYWlyIChvbiB0aGUgc2Vzc2lvbiBsZXZlbCkuIFRoYXQncyBkZXBlbmQgb24gdGhlIFRM
UyBjb25zdW1lci4NCg0KDQo+IElmIHlvdSBhZ3JlZSAtLSBkbyB5b3Ugc3VnZ2VzdCBhIGR5bmFt
aWMgUENELCBvciBhbiBleHRlbnNpb24gdG8gdGhlDQo+IFVFRkkgc3BlYyAoYXQgdGhlIEhUVFAg
bGV2ZWwpPw0KPiANCg0KDQpKaWF4aW46IEkgYWdyZWUgd2l0aCB0aGUgZHluYW1pYyBQQ0Qgc29s
dXRpb24gZm9yIHRoZSBDaXBoZXJMaXN0IHNldHRpbmcsIHRoZSBQQ0QgZm9ybWF0IGNhbiB1c2Ug
YXMgZm9sbG93aW5nIG9uZToNCglnRWZpTmV0d29ya1BrZ1Rva2VuU3BhY2VHdWlkLlBjZEh0dHBz
VGxzQ2lwaGVyTGlzdHMgfHsweDB9fFZPSUQqfDB4MDAwMDAwMEQNCklmIHRoZSBwbGF0Zm9ybSB3
YW50cyB0byBzZXQgdGhlIGJlbG93IENpcGhlclN1aXRlcyAoUkZDIDUyNDYgZGVmaW5lZCk6DQoJ
Q2lwaGVyU3VpdGUgVExTX1JTQV9XSVRIX0FFU18yNTZfQ0JDX1NIQSA9IHsgMHgwMCwweDM1IH07
IA0KCUNpcGhlclN1aXRlIFRMU19SU0FfV0lUSF9BRVNfMjU2X0NCQ19TSEEyNTYgPSB7IDB4MDAs
MHgzRCB9Ow0KVGhlIFBDRCBjYW4gYmUgY29uZmlndXJlZCBieSB0aGUgY29ycmVzcG9uZGluZyBw
bGF0Zm9ybSBhcyBiZWxvdywgb3RoZXJ3aXNlIGl0IHdpbGwgdXNlIHRoZSBPcGVuU1NMIGRlZmF1
bHQgb25lOg0KCWdFZmlOZXR3b3JrUGtnVG9rZW5TcGFjZUd1aWQuUGNkSHR0cHNUbHNDaXBoZXJM
aXN0cyB8ezB4MDAsMHgzNSwgMHgwMCwweDNEIH18Vk9JRCp8NA0Kd2hhdCBkbyB5b3UgdGhpbms/
DQoNCj4gVGhhbmtzIQ0KPiBMYXN6bG8NCg==