[openssl-dev] Proposed cipher changes for post-1.0.2

Viktor Dukhovni openssl-users at dukhovni.org
Tue Feb 10 23:52:04 UTC 2015


On Tue, Feb 10, 2015 at 10:52:02PM +0000, Salz, Rich wrote:

> > I'd further suggest to move everything that's not PFS&AEAD from HIGH to
> > MEDIUM.
> 
> I think it's a little early to do that.  But once TLS 1.3 is out, then yes :)

This is NOT a decision a library should be making on behalf of
applications.  So, NO, not even then, except that of course when
TLS 1.3 is negotiated, that's all you get, but that only happens
with TLS 1.3 peers, which is fine and does not break compatibility,
and does not require re-definition of the existing cipher-suite
classes.

We should also recall that the master branch has introduced "security
levels", which may still need some work to become production-ready,
but are likely a better mechanism for applications to move to more
secure settings than incompatible changes in existing interfaces.

Not all applications are browsers, folks, and libraries need to
provide stable interfaces that mirror the application's intent
consistent with expected behaviour of existing interfaces.

Only new interfaces can freely shed compatibility baggage.

-- 
	Viktor.

