Appendix A. TLS 1.2 Cipher Suite Black List
An HTTP/2 implementation MAY treat the negotiation of cipher suites in this blacklist as a connection error of type INADEQUATE_SECURITY.
The following cipher suites are blacklisted due to known vulnerabilities or weak security properties:
Blacklisted Cipher Suites
The blacklist includes:
- NULL encryption cipher suites
- RC4 cipher suites
- DES and 3DES cipher suites
- Export-strength cipher suites
- Cipher suites with weak key exchange
- Cipher suites without forward secrecy
Implementation Requirements
Implementations MUST support:
- TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [TLS-ECDHE] with P-256 elliptic curve [FIPS186]
Security Considerations
Deployments that want to avoid the vulnerabilities described in this appendix SHOULD NOT negotiate cipher suites that use:
- NULL encryption
- Stream ciphers (e.g., RC4)
- Block ciphers without AEAD mode (e.g., CBC mode)
- Weak key exchange mechanisms
Note: For the complete and authoritative list of blacklisted cipher suites, please refer to the official RFC 7540 specification at:
````https://www.rfc-editor.org/rfc/rfc7540.txt\````