[openssl-dev] cipher order

Viktor Dukhovni openssl-users at dukhovni.org
Fri Mar 4 22:00:32 UTC 2016


> On Mar 4, 2016, at 3:57 PM, Emilia Käsper <emilia at openssl.org> wrote:
> 
> I've updated the pull to do a much more substantial cleanup.

What will @STRENGTH mean in this context?  Will ignore
the distinction between AES256 and AES128?  What does this
do to the @SECLEVEL interface which tries to provide
NIST-compatible bit strengths across multiple features?

Or we just changing the default order, and allowing
@STRENGTH to perturb it back, and @SECLEVEL to prune-away
128 leaving just 256, ...

In other words how does this fit into the larger picture?

-- 
	Viktor.



More information about the openssl-dev mailing list