Add AES-CCM ciphers to all settings #279
Description
The AES-CCM ciphers and ciphersuites are missing from the Mozilla Server Side TLS document and the SSL Configurator. This cipher mode was ratified by the IETF in 2012 in RFC 6655, and are included in recent versions of OpenSSL. According to Wikipedia, they may provide better performance on embedded and low-power devices, and the cipher mode is also used in WPA2 CCMP and Bluetooth Low Energy. Despite poor support by web browsers, they are considered safe, and I feel that they should be added to the list of acceptable ciphers.
TLS 1.3 offers these ciphersuites (available in OpenSSL 1.1.1, but disabled by default):
TLS_AES_128_CCM_SHA256TLS_AES_128_CCM_8_SHA256
TLS 1.2 offers these ciphers:
TLS_ECDHE_ECDSA_WITH_AES_128_CCMTLS_ECDHE_ECDSA_WITH_AES_128_CCM_8TLS_ECDHE_ECDSA_WITH_AES_256_CCMTLS_ECDHE_ECDSA_WITH_AES_256_CCM_8TLS_DHE_RSA_WITH_AES_128_CCM_8TLS_DHE_RSA_WITH_AES_256_CCM_8TLS_DHE_RSA_WITH_AES_128_CCMTLS_DHE_RSA_WITH_AES_256_CCM