[openssl-dev] [openssl.org #4017] [PATCH] Implement Camellia GCM suites (RFC 6367)

Hubert Kario hkario at redhat.com
Tue Aug 25 10:40:09 UTC 2015 

On Tuesday 25 August 2015 08:58:57 Hanno Böck wrote:
> On Mon, 24 Aug 2015 22:32:24 +0200
> 
> Hubert Kario <hkario at redhat.com> wrote:
> > > After all the whole
> > > heartbleed story can largely be explained by that. I'd propose that
> > > OpenSSL doesn't add any new features without a clear explanation
> > > what advantage they bring in which situation - and who is likely
> > > going to use that feature.
> > 
> > bugs happen, refusing to accept patches just because they can have
> > bugs is short sighted at best
> > 
> > or can I expect you to express the exact same concerns when ChaCha20
> > patches will be proposed?
> 
> I think the situation with chacha20 is very different. Its advantages
> seem convincing enough that some major players responsible for a
> large part of internet connections are already using it.
> I see nothing alike with camellia.

https://yourlogicalfallacyis.com/bandwagon

> If you can give me a convincing argument who would use camellia and for
> what I may reconsider my opinion. "It's standardized" doesn't mean
> anyone actually uses or wants to use it. Right now I only see people
> deprecating it.

Some devices supported only RC4 since "everybody else does support it anyway 
so there is no need for fallback ciphers and it's fast", now it is biting us 
hard...

And yes, servers do use it (44%) and prefer it. With Firefox 29 client hello 
close to 1% of connections to TLS enabled Alexa top 1 million servers ended up 
with some kind of Camellia cipher.

> I think the thing that bite with heartbleed was: A very obscure
> feature, nobody used it, nobody cared for it, so nobody looked at it.
> Camellia looks very similar, I doubt it will gain any significant use
> even if openssl supported camellia-gcm modes.

Unlike heartbeat, disabling camellia ciphers does not require recompilation of 
openssl, application's that use openssl or both.

-- 
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part.
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150825/f08f1999/attachment.sig>

More information about the openssl-dev mailing list