[openssl-dev] Proposed cipher changes for post-1.0.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Feb 11, 2015 at 12:22:44AM +0000, Salz, Rich wrote:

> RC4 in LOW has a bit of pushback so far.  My cover for it is that
> the IETF says "don't use it."  So I think saying "if you want it,
> say so" is the way to go.

By all means, don't use it, but it is not OpenSSL's choice to make
by breaking the meaning of existing interfaces.

If you put RC4 in LOW, one can no longer exclude LOW ciphers if
one still needs RC4.  Nobody uses single-DES, but enough peers
still use (only) RC4 to make disabling of RC4 a choice best made
by applications.

-- 
	Viktor.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux