[openssl-dev] cipher order

Emilia Käsper emilia at openssl.org
Thu Mar 3 17:16:49 UTC 2016


Hm, I think that I actually agree. But David's done enough, so I'll have a
look myself.

On Thu, Mar 3, 2016 at 5:33 PM Blumenthal, Uri - 0553 - MITLL <
uri at ll.mit.edu> wrote:

> On 3/3/16, 11:30 , "openssl-dev on behalf of Hanno Böck"
> <openssl-dev-bounces at openssl.org on behalf of hanno at hboeck.de> wrote:
>
> >On Thu, 03 Mar 2016 16:18:57 +0000 Emilia Käsper <emilia at openssl.org>
> >wrote:
> >>https://github.com/openssl/openssl/pull/783
> >
> >This is different from what I had in mind.
> >...
> >I would argue that cbc/hmac is so fragile that it's always preferrable
> >to have aead before cbc/hmac. The security difference between 128 and
> >256 bit aes is imho mostly irrelevant in practice.
>
> Again, +1
>
> Perhaps David can do his magic again? :-)
> --
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160303/426d7b2c/attachment.html>


More information about the openssl-dev mailing list