[openssl-dev] 3DES is a HIGH-strength cipher?
Dr. Pala
director at openca.org
Sat Feb 13 09:37:13 UTC 2016
+1
Also, I would like to add that companies and some "security" appliances vendors really fail to understand the different ciphers properties (especially outside the web world).
Therefore, IMHO, providing a more fool-proof configuration (e.g. a strict definition of HIGH and disabling the rest by default) is something I would really welcome and recommend for future releases.
Cheers,
Max
> On Feb 12, 2016, at 9:29 PM, Salz, Rich <rsalz at akamai.com> wrote:
>
>
>> Well, it would be a major compatibility break for 1.0.2 and earlier, so no go
>> there. As for 1.1.0, folks
>
> Or those who trust us to say what HIGH means should, well, not be lied to.
>
> Something must be changed for 1.1 Either 3DES moves out of HIGH or the definition of HIGH as documented in the manpage must change.
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2374 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160213/1657cac6/attachment.bin>
More information about the openssl-dev
mailing list