[openssl-dev] cipher order
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Thu Mar 3 16:33:17 UTC 2016
On 3/3/16, 11:30 , "openssl-dev on behalf of Hanno Böck"
<openssl-dev-bounces at openssl.org on behalf of hanno at hboeck.de> wrote:
>On Thu, 03 Mar 2016 16:18:57 +0000 Emilia Käsper <emilia at openssl.org>
>wrote:
>>https://github.com/openssl/openssl/pull/783
>
>This is different from what I had in mind.
>...
>I would argue that cbc/hmac is so fragile that it's always preferrable
>to have aead before cbc/hmac. The security difference between 128 and
>256 bit aes is imho mostly irrelevant in practice.
Again, +1
Perhaps David can do his magic again? :-)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4324 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160303/4f351b13/attachment-0001.bin>
More information about the openssl-dev
mailing list