[openssl-dev] Proposed cipher changes for post-1.0.2
Viktor Dukhovni
openssl-users at dukhovni.org
Tue Feb 10 23:13:36 UTC 2015
On Tue, Feb 10, 2015 at 10:38:01PM +0100, Hanno B?ck wrote:
> On Tue, 10 Feb 2015 21:15:36 +0000
> "Salz, Rich" <rsalz at akamai.com> wrote:
>
> > Comments?
>
> Sounds good.
>
> I'd further suggest to move everything that's not PFS&AEAD
> from HIGH to MEDIUM.
Thus breaking applications that were previously using HIGH as a
reasonably interoperable setting.
You can introduce all kinds of new settings, promote their use,
even change the default, but incompatibly re-definining existing
interfaces is not a winning strategy.
--
Viktor.
More information about the openssl-dev
mailing list