From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.65; helo=mga03.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga03.intel.com (mga03.intel.com [134.134.136.65]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id EA1D021F0DA45 for ; Mon, 5 Feb 2018 18:28:25 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Feb 2018 18:34:07 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,467,1511856000"; d="scan'208";a="32309639" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by orsmga002.jf.intel.com with ESMTP; 05 Feb 2018 18:34:07 -0800 Received: from fmsmsx102.amr.corp.intel.com (10.18.124.200) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.319.2; Mon, 5 Feb 2018 18:34:06 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX102.amr.corp.intel.com (10.18.124.200) with Microsoft SMTP Server (TLS) id 14.3.319.2; Mon, 5 Feb 2018 18:34:05 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.116]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.130]) with mapi id 14.03.0319.002; Tue, 6 Feb 2018 10:34:04 +0800 From: "Wu, Jiaxin" To: Laszlo Ersek , "Kinney, Michael D" , "Fu, Siyuan" , "Ye, Ting" , "Li, Ruth" , "Long, Qin" , "Yao, Jiewen" , "Hsiung, Harry L" CC: edk2-devel-01 Thread-Topic: setting the TLS cipher list for HTTPS booting Thread-Index: AQHTkTKC7SSIQqPfwE6mEzdxVropQKN8Nf+ggALqwACAAZWo0IAARlKAgAAQ6YCAATdDQIAAHRVggAA0GHCAAB3oAIABPwpggAAYLYCACzCM8IAF+QiAgAGNTBA= Date: Tue, 6 Feb 2018 02:34:03 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B72741637E42F@SHSMSX103.ccr.corp.intel.com> References: <5307d880-d016-ad91-04f5-6b83eb40f905@redhat.com> <895558F6EA4E3B41AC93A00D163B72741635E571@SHSMSX103.ccr.corp.intel.com> <7b529d2c-1e46-3bd5-d8a6-9225a630f23b@redhat.com> <895558F6EA4E3B41AC93A00D163B72741635F0B5@SHSMSX103.ccr.corp.intel.com> <366c3083-0eb1-ecb4-2050-654c09135f8a@redhat.com> <93bf358e-7e57-a0f0-b8ba-239e72036c27@redhat.com> <895558F6EA4E3B41AC93A00D163B72741635F6BC@SHSMSX103.ccr.corp.intel.com> <895558F6EA4E3B41AC93A00D163B72741635F7FE@SHSMSX103.ccr.corp.intel.com> <895558F6EA4E3B41AC93A00D163B72741635F9AF@SHSMSX103.ccr.corp.intel.com> <925c091e-af14-2449-e3ba-f8d6302dea49@redhat.com> <895558F6EA4E3B41AC93A00D163B72741635FE91@SHSMSX103.ccr.corp.intel.com> <99394818-f0d5-8566-c1f7-240004e5cedd@redhat.com> <895558F6EA4E3B41AC93A00D163B72741637DE9E@SHSMSX103.ccr.corp.intel.com> <49d94fe2-5953-61bf-6252-42fa77eb08fb@redhat.com> In-Reply-To: <49d94fe2-5953-61bf-6252-42fa77eb08fb@redhat.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiOWE3YzJlMzgtMGE4Yy00NjkyLWJmNTUtNzgxNmJmZmFkZDNkIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE2LjUuOS4zIiwiVHJ1c3RlZExhYmVsSGFzaCI6ImJRQ0RFcUZkWVNsSDBNbHRCTTdsYWZua1owSndNNmFxazBGR3BOblk0RlE9In0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: setting the TLS cipher list for HTTPS booting X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Feb 2018 02:28:26 -0000 Content-Language: en-US Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 TGVhdmluZyB0aGUgdmFyaWFibGUgdXAgdG8gdGhlIHBsYXRmb3JtIHNldHRpbmcgaXMgZ29vZCB0 byBtZS4gDQoNCk1pa2UsDQoNCklmIHlvdSBoYXZlIG5vIGNvbW1lbnRzLCB3ZSB3aWxsIGZvbGxv dyB0aGUgdmFyaWFibGUgc29sdXRpb24uIA0KDQpUaGFua3MsDQpKaWF4aW4NCg0KPiAtLS0tLU9y aWdpbmFsIE1lc3NhZ2UtLS0tLQ0KPiBGcm9tOiBMYXN6bG8gRXJzZWsgW21haWx0bzpsZXJzZWtA cmVkaGF0LmNvbV0NCj4gU2VudDogTW9uZGF5LCBGZWJydWFyeSA1LCAyMDE4IDY6NDcgUE0NCj4g VG86IFd1LCBKaWF4aW4gPGppYXhpbi53dUBpbnRlbC5jb20+OyBLaW5uZXksIE1pY2hhZWwgRA0K PiA8bWljaGFlbC5kLmtpbm5leUBpbnRlbC5jb20+OyBGdSwgU2l5dWFuIDxzaXl1YW4uZnVAaW50 ZWwuY29tPjsgWWUsIFRpbmcNCj4gPHRpbmcueWVAaW50ZWwuY29tPjsgTGksIFJ1dGggPHJ1dGgu bGlAaW50ZWwuY29tPjsgTG9uZywgUWluDQo+IDxxaW4ubG9uZ0BpbnRlbC5jb20+OyBZYW8sIEpp ZXdlbiA8amlld2VuLnlhb0BpbnRlbC5jb20+OyBIc2l1bmcsIEhhcnJ5IEwNCj4gPGhhcnJ5Lmwu aHNpdW5nQGludGVsLmNvbT4NCj4gQ2M6IGVkazItZGV2ZWwtMDEgPGVkazItZGV2ZWxAbGlzdHMu MDEub3JnPg0KPiBTdWJqZWN0OiBSZTogc2V0dGluZyB0aGUgVExTIGNpcGhlciBsaXN0IGZvciBI VFRQUyBib290aW5nDQo+IA0KPiBPbiAwMi8wNS8xOCAwNDozMywgV3UsIEppYXhpbiB3cm90ZToN Cj4gPiBIaSBMYXN6bG8sDQo+ID4NCj4gPiBJbiByZWNlbnQgZGF5cywgd2UgcmVjZWl2ZWQgdGhl IGNvbW1lbnQgZnJvbSBLaW5uZXkgYWJvdXQgdGhlIFBDRA0KPiA+IHVzYWdlIGluIFVFRkkgZHJp dmVyLiAgS2lubmV5IGRvZXNuJ3QgcmVjb21tZW5kIHVzIHRvIHVzZSB0aGUgKmR5bmFtaWMNCj4g PiBQQ0QqIGluICpzb2Z0LWxvYWRpbmcqIFVFRkkgZHJpdmVyIGV2ZW4gdGhvdWdoIGl0J3Mgbm90 IHByb2hpYml0ZWQuDQo+ID4NCj4gPiBTbywgd2Ugd2FudCB0byBjb25maXJtIHdpdGggeW91IHdo ZXRoZXIgdGhpcyBpcyB0aGUgdXJnZW50IHJlcXVlc3QNCj4gPiBuZWVkIHVzIHRvIHN1cHBvcnQg aXQgQVNBUCBvciBpdCdzIGluIGxvdyBwcmlvcml0eS4NCj4gPg0KPiA+IElmIHlvdSBuZWVkIHVz IHN1cHBvcnQgdGhlIGZlYXR1cmUgQVNBUCwgd2UgY2FuIHVzZSB0aGUgIHByaXZhdGUNCj4gPiB2 YXJpYWJsZSBzb2x1dGlvbiBhcyB3ZSBkaXNjdXNzZWQgYmVmb3JlIHNpbmNlIHRoZXJlIGlzIG5v IHNlY3VyaXR5DQo+ID4gaXNzdWUgYW5kIHRoZSBzaXplIHJlcXVpcmVtZW50IGlzIG5vdCBiaWcu DQo+ID4NCj4gPiBJZiBub3QgdXJnZW5jeSwgd2UgbWlnaHQgY29uc2lkZXIgd2hldGhlciBuZWVk IHRvIGRlZmluZSBhIHBsYXRmb3JtIHRvDQo+ID4gZHJpdmVyIGNvbmZpZ3VyYXRpb24gcHJvdG9j b2wgb3Igbm90LiBZb3Uga25vdyBpdCB3aWxsIHRha2UgYSBsb25nDQo+ID4gdGltZSB0byBzY2Fu ZGFsaXplIG9uZSBwcm90b2NvbCBmb3IgcGxhdGZvcm0gSFRUUFMgY29uZmlndXJhdGlvbiBpbg0K PiA+IHRoZSBmdXR1cmUgVUVGSSBzcGVjLg0KPiANCj4gVGhlIHZhcmlhYmxlIGFwcHJvYWNoIHNv dW5kcyBnb29kIHRvIG1lLCBidXQgd2l0aCBhIHNtYWxsIHR3aXN0Og0KPiANCj4gQ291bGQgd2Ug cGxlYXNlIGxlYXZlIGl0IHVwIHRvIHRoZSBwbGF0Zm9ybSB3aGV0aGVyIHRoZSBwcml2YXRlIHZh cmlhYmxlDQo+IGlzIG5vbi12b2xhdGlsZSB2ZXJzdXMgdm9sYXRpbGU/IEJlY2F1c2UgcGxhdGZv cm0gWCBtaWdodCB3YW50IHRvDQo+IGNvbmZpZ3VyZSB0aGUgY2lwaGVyIHN1aXRlIGxpc3Qgb25j ZSwgcGVybWFuZW50bHksIHdoaWxlIHBsYXRmb3JtIFkNCj4gbWlnaHQgd2FudCB0byBjb25maWd1 cmUgdGhlIGNpcGhlciBzdWl0ZSBsaXN0IGR5bmFtaWNhbGx5IG9uIGVhY2ggYm9vdC4NCj4gRm9y IHBsYXRmb3JtIFksIHNwZW5kaW5nIGFueSBmbGFzaCBzcGFjZSAoYW5kIGZsYXNoIHdyaXRpbmcg dGltZSkgb24gdGhlDQo+IHZhcmlhYmxlIGlzIHN1cGVyZmx1b3VzLg0KPiANCj4gRm9yIFFFTVUg LyBPVk1GIHNwZWNpZmljYWxseSwgSSB3b3VsZCBwcmVmZXIgYSB2b2xhdGlsZSwgYm9vdC10aW1l IG9ubHkNCj4gdmFyaWFibGUuIEFmdGVyIHNldHRpbmcgdGhpcyB2YXJpYWJsZSwgSSB0aGluayBP Vk1GIHBsYXRmb3JtIGNvZGUgc2hvdWxkDQo+IGV2ZW4gbG9jayBpdCBkb3duIHdpdGggdGhlIGVk azIgdmFyaWFibGUgbG9jayBwcm90b2NvbC4gSW4gZWZmZWN0IHRoaXMNCj4gd291bGQgYmVoYXZl IGxpa2UgYSAicmVhZCBvbmx5IiBQQ0QgLS0gbm8gZmxhc2ggaW1wYWN0IGF0IGFsbC4NCj4gDQo+ IEFzIGxvbmcgYXMgSHR0cER4ZSBvbmx5IGNhbGxzIGdSVC0+R2V0VmFyaWFibGUoKSAob3IgZXF1 aXZhbGVudCB3cmFwcGVycw0KPiBmcm9tIFVlZmlMaWIpIG9uIHRoZSBuZXcgdmFyaWFibGUsIHRo ZSB2YXJpYWJsZSdzIGF0dHJpYnV0ZXMgc2hvdWxkIG5vdA0KPiBtYXR0ZXI7IHRoZXkgY2FuIGJl IGxlZnQgdG8gdGhlIHBsYXRmb3JtLg0KPiANCj4gVGhhbmtzIQ0KPiBMYXN6bG8NCj4gDQo+IA0K PiA+PiAtLS0tLU9yaWdpbmFsIE1lc3NhZ2UtLS0tLQ0KPiA+PiBGcm9tOiBMYXN6bG8gRXJzZWsg W21haWx0bzpsZXJzZWtAcmVkaGF0LmNvbV0NCj4gPj4gU2VudDogVGh1cnNkYXksIEphbnVhcnkg MjUsIDIwMTggODo0MiBQTQ0KPiA+PiBUbzogV3UsIEppYXhpbiA8amlheGluLnd1QGludGVsLmNv bT47IEZ1LCBTaXl1YW4gPHNpeXVhbi5mdUBpbnRlbC5jb20+Ow0KPiBZZSwNCj4gPj4gVGluZyA8 dGluZy55ZUBpbnRlbC5jb20+OyBMb25nLCBRaW4gPHFpbi5sb25nQGludGVsLmNvbT47IFlhbywg Smlld2VuDQo+ID4+IDxqaWV3ZW4ueWFvQGludGVsLmNvbT47IEhzaXVuZywgSGFycnkgTCA8aGFy cnkubC5oc2l1bmdAaW50ZWwuY29tPg0KPiA+PiBDYzogZWRrMi1kZXZlbC0wMSA8ZWRrMi1kZXZl bEBsaXN0cy4wMS5vcmc+DQo+ID4+IFN1YmplY3Q6IFJlOiBzZXR0aW5nIHRoZSBUTFMgY2lwaGVy IGxpc3QgZm9yIEhUVFBTIGJvb3RpbmcNCj4gPj4NCj4gPj4gT24gMDEvMjUvMTggMDU6NTIsIFd1 LCBKaWF4aW4gd3JvdGU6DQo+ID4+PiBIaSBMYXN6bG8sDQo+ID4+Pg0KPiA+Pj4gVGhlIEh0dHBE eGUgZHJpdmVyIG5lZWRzIHRvIGluc3RhbGwgdGhlIERyaXZlciBCaW5kaW5nIFByb3RvY29sIHNv IGFzDQo+ID4+PiB0byBjaGVjayBpZiBhIHNwZWNpZmljIGNvbnRyb2xsZXIgaXMgc3VwcG9ydGVk IGJ5IEh0dHBEeGUuIEh0dHBEeGUNCj4gPj4+IGNhbiBvbmx5IGJlIHN0YXJ0ZWQgaWYgdGhlIFRj cFNlcnZpY2VCaW5kaW5nUHJvdG9jb2wgZXhpc3RlZC4gU28sIGl0DQo+ID4+PiBoYXMgdG8gZm9s bG93IHRoZSBVRUZJIERyaXZlciBNb2RlbC4NCj4gPj4+DQo+ID4+PiBGb3IgdGhlIFBDRCB1c2Fn ZSwgSSB0aGluayBpdCBzaG91bGQgYmUgZmluZSB0byBjb3ZlciB0aGUNCj4gPj4+IGNvbmZpZ3Vy YXRpb24gb2YgVUVGSSBEcml2ZXJzIHRocm91Z2ggdGhlIFBDRCBzZXR0aW5ncy4gVGhlDQo+ID4+ PiByZXF1aXJlbWVudCBvZiAqLmluZiBuZWVkcyB0byBpbmNsdWRlIHRoZSBQY2RMaWIgYW5kIHRo ZSBzZWN0aW9uIG9mDQo+ID4+PiBbUGNkXS4gV2UgYWxyZWFkeSBoYXZlIHRoZSBzaW1pbGFyIHBh dHRlcm4gZm9yIHRoaXMgdXNhZ2UsIGZvcg0KPiA+Pj4gZXhhbXBsZSwgUHMyS2V5Ym9hcmREeGUs IFBjaUJ1c0R4ZSwgUGNpU2lvU2VyaWFsRHhlLCBhbmQgZXRjIGluDQo+ID4+PiBNZGVNb2R1bGVQ a2cuIEJlc2lkZXMsIHRoZXJlIGFyZSBzb21lIGFkdmFudGFnZXMgYnkgdXNpbmcgUENEDQo+ID4+ PiBjb21wYXJlZCB0byB0aGUgdmFyaWFibGUuIEZpcnN0LCBQQ0QgaXMgb25lIGtpbmQgb2YgaW50 ZXJmYWNlIHRoYXQNCj4gPj4+IG1vcmUgZm9ybWFsIHRoYW4gYSBwcml2YXRlIHZhcmlhYmxlLCB0 aGUgc2V0dGluZyBieSBQQ0QgaXMgbW9yZQ0KPiA+Pj4gYWNjZXB0YWJsZSBieSB0aGUgY29uc3Vt ZXIuIFNlY29uZGx5LCBmcm9tIGEgKnNlY3VyaXR5KiBzdGFuZHBvaW50LA0KPiA+Pj4gdmFyaWFi bGUgY2FuIGJlIGR1bXBlZCBlYXNpbHkgZnJvbSB0aGUgZmxhc2ggcmVnaW9uLiBIZXJlLCBldmVu DQo+ID4+PiB0aG91Z2ggaXQncyBubyBzZWN1cml0eSBpbXBhY3QgdG93YXJkcyB0aGUgY2lwaGVy IGxpc3Qgc3RvcmFnZQ0KPiA+Pj4gYmVjYXVzZSBpdCB3aWxsIGJlIHB1YmxpYyBzaGFyZWQgdG8g cmVtb3RlIHNlcnZlciwgYnV0IHdlIG5lZWQgdG8NCj4gPj4+IHRoaW5rIGFuZCAqYWxpZ24qIHdp dGggb3RoZXIgY29uZmlndXJhdGlvbnMgZm9yIFRMUyBpbiBIVFRQUyBsZXZlbC4NCj4gPj4+IEZv ciBleGFtcGxlLCBpbiB0aGUgZnV0dXJlLCB3ZSBtaWdodCBzdXBwb3J0IHRoZSBIVFRQUyBtdXR1 YWwNCj4gPj4+IGF1dGhlbnRpY2F0aW9uLCB0aGFuIHRoZSBob3N0IFByaXZhdGVLZXkvUGFzc3dv cmQNCj4gPj4+IChFZmlUbHNDb25maWdEYXRhVHlwZUhvc3RQcml2YXRlS2V5KSAqbXVzdG4ndCog YmUgc2F2ZWQgYXMgYSB2YXJpYWJsZQ0KPiA+Pj4gZHVlIHRvIGl0cyBjb25maWRlbnRpYWxpdHks IHdoaWxlIFBDRCBpcyBnb29kIGNob2ljZS4gQXQgdGhhdCB0aW1lLA0KPiA+Pj4gd2Ugd2lsbCBh bHNvIHByb3ZpZGUgdGhlIFBDRCBmb3IgRWZpVGxzQ29uZmlnRGF0YVR5cGVDQUNlcnRpZmljYXRl LA0KPiA+Pj4gd2hpY2ggaXMgY3VycmVudGx5IHNldHRpbmcgYnkgdGhlIHZhcmlhYmxlIChUbHND YUNlcnRpZmljYXRlKSwgc28gYXMNCj4gPj4+IHRvIGFsaWduIGFsbCB0aGUgY29uZmlndXJhdGlv biBzZXR0aW5nIG9uIG9uZSBsaW5lLCB3aGljaCBjYW4gcmVkdWNlDQo+ID4+PiB0aGUgY29tcGxl eGl0eSBvZiBwbGF0Zm9ybSB1c2FnZS4gRmluYWxseSwgd2UgY2FuIGFsc28gc2F2ZSB0aGUNCj4g Pj4+IHZhcmlhYmxlIHNwYWNlLg0KPiA+Pj4NCj4gPj4+IEZyb20gdGhlIGFib3ZlLCB0aGUgZHlu YW1pYyBQQ0QgaXMgYSBzb2x1dGlvbiBJIHN0aWxsIHByZWZlcnJlZC4NCj4gPj4NCj4gPj4gT0ss IGl0IHdvcmtzIGZvciBtZS4gVGhhbmtzIQ0KPiA+PiBMYXN6bG8NCg0K