[openssl-dev] 3DES is a HIGH-strength cipher?
Richard Moore
richmoore44 at gmail.com
Fri Feb 12 23:55:28 UTC 2016
On 12 February 2016 at 21:29, Salz, Rich <rsalz at akamai.com> wrote:
>
> > Well, it would be a major compatibility break for 1.0.2 and earlier, so
> no go
> > there. As for 1.1.0, folks
>
> Or those who trust us to say what HIGH means should, well, not be lied to.
>
> Something must be changed for 1.1 Either 3DES moves out of HIGH or the
> definition of HIGH as documented in the manpage must change.
>
>
Personally I think the fact that HIGH includes ciphersuites that offer no
MITM protection means that those who trust it have already been totally
betrayed.
Rich.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160212/489b0200/attachment-0001.html>
More information about the openssl-dev
mailing list