From 0e84324ccca54bd13725f81069fbe67f4003f282 Mon Sep 17 00:00:00 2001
From: "data-plane-api(Azure Pipelines)"
 <data-plane-api@users.noreply.github.com>
Date: Fri, 13 May 2022 01:51:36 +0000
Subject: [PATCH] doc: Remove SHA-1 cipher suites from the defaults on the
 server-side (#21240)

Related PR: https://github.com/envoyproxy/envoy/pull/20643

Signed-off-by: derekguo001 <dong.guo@intel.com>

Mirrored from https://github.com/envoyproxy/envoy @ 81cebf6b12b13f490cc0ff8c77abaaffc7ef590f
---
 envoy/extensions/transport_sockets/tls/v3/common.proto | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/envoy/extensions/transport_sockets/tls/v3/common.proto b/envoy/extensions/transport_sockets/tls/v3/common.proto
index 5fb8f1c8..d38d4edf 100644
--- a/envoy/extensions/transport_sockets/tls/v3/common.proto
+++ b/envoy/extensions/transport_sockets/tls/v3/common.proto
@@ -66,12 +66,8 @@ message TlsParameters {
   //
   //   [ECDHE-ECDSA-AES128-GCM-SHA256|ECDHE-ECDSA-CHACHA20-POLY1305]
   //   [ECDHE-RSA-AES128-GCM-SHA256|ECDHE-RSA-CHACHA20-POLY1305]
-  //   ECDHE-ECDSA-AES128-SHA
-  //   ECDHE-RSA-AES128-SHA
   //   ECDHE-ECDSA-AES256-GCM-SHA384
   //   ECDHE-RSA-AES256-GCM-SHA384
-  //   ECDHE-ECDSA-AES256-SHA
-  //   ECDHE-RSA-AES256-SHA
   //
   // In builds using :ref:`BoringSSL FIPS <arch_overview_ssl_fips>`, the default server cipher list is:
   //
@@ -79,12 +75,8 @@ message TlsParameters {
   //
   //   ECDHE-ECDSA-AES128-GCM-SHA256
   //   ECDHE-RSA-AES128-GCM-SHA256
-  //   ECDHE-ECDSA-AES128-SHA
-  //   ECDHE-RSA-AES128-SHA
   //   ECDHE-ECDSA-AES256-GCM-SHA384
   //   ECDHE-RSA-AES256-GCM-SHA384
-  //   ECDHE-ECDSA-AES256-SHA
-  //   ECDHE-RSA-AES256-SHA
   //
   // In non-FIPS builds, the default client cipher list is:
   //