CBC ciphers in relation to RFC7366 Encrypt-then-MAC
Good morning, there is a recommendation from German federal security office to still allow CBC-mode ciphers as long as TLS extention "Encrypt-then-MAC" (RFC7366) is in use. But I can't find any information how F5 currently behaves in this regards. Is there any special setting we have to care about or is this already active by default? For your reference, we are running 15.1.8. Can someone share some more details here? And what are your recommendations/experiences with CBC-mode ciphers? Thank you! Regards Stefan 🙂Solved2KViews1like13Comments