[openssl-dev] cipher order
Emilia Käsper
emilia at openssl.org
Fri Mar 4 20:57:19 UTC 2016
I've updated the pull to do a much more substantial cleanup.
On Thu, Mar 3, 2016 at 6:16 PM Emilia Käsper <emilia at openssl.org> wrote:
> Hm, I think that I actually agree. But David's done enough, so I'll have a
> look myself.
>
> On Thu, Mar 3, 2016 at 5:33 PM Blumenthal, Uri - 0553 - MITLL <
> uri at ll.mit.edu> wrote:
>
>> On 3/3/16, 11:30 , "openssl-dev on behalf of Hanno Böck"
>> <openssl-dev-bounces at openssl.org on behalf of hanno at hboeck.de> wrote:
>>
>> >On Thu, 03 Mar 2016 16:18:57 +0000 Emilia Käsper <emilia at openssl.org>
>> >wrote:
>> >>https://github.com/openssl/openssl/pull/783
>> >
>> >This is different from what I had in mind.
>> >...
>> >I would argue that cbc/hmac is so fragile that it's always preferrable
>> >to have aead before cbc/hmac. The security difference between 128 and
>> >256 bit aes is imho mostly irrelevant in practice.
>>
>> Again, +1
>>
>> Perhaps David can do his magic again? :-)
>> --
>> openssl-dev mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160304/6413d02e/attachment.html>
More information about the openssl-dev
mailing list