tls/ccm8: reduce the cipher strength for CCM8 ciphers to 64 bits

This is the length of the tag they use and should be considered an upper bound on their strength. This lowers their security strength to level 0. Reviewed-by: Matt Caswell <matt@openssl.org> Reviewed-by: Tomas Mraz <tomas@openssl.org> (Merged from https://github.com/openssl/openssl/pull/16652)
author: Pauli <pauli@openssl.org> 2021-09-23 12:27:11 +1000
committer: Pauli <pauli@openssl.org> 2021-09-24 17:38:39 +1000
commit: e07102220afe4059bc45aa3d7073b7678329e26e (patch)
tree: a7996f369bad514b8542c1ac320c33608d8ecf86 /CHANGES.md
parent: 56ffcce492ffc6f36b2f0d9431e23febe054dd04 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/CHANGES.md b/CHANGES.md
index cfb6eb0821..84fb4c3f84 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -24,8 +24,8 @@ OpenSSL 3.1
 
 ### Changes between 3.0 and 3.1 [xx XXX xxxx]
 
- * CCM8 cipher suites in TLS have been downgraded to security level 1 because
-   they use a short tag which lowers their strength.
+ * CCM8 cipher suites in TLS have been downgraded to security level zero
+   because they use a short authentication tag which lowers their strength.
 
    *Paul Dale*
author	Pauli <pauli@openssl.org>	2021-09-23 12:27:11 +1000
committer	Pauli <pauli@openssl.org>	2021-09-24 17:38:39 +1000
commit	e07102220afe4059bc45aa3d7073b7678329e26e (patch)
tree	a7996f369bad514b8542c1ac320c33608d8ecf86 /CHANGES.md
parent	56ffcce492ffc6f36b2f0d9431e23febe054dd04 (diff)