On Sun, Dec 15, 2013 at 10:46:04AM -0500, Julien Vehent wrote: > On 2013-12-14 19:47, Kosuke Kaizuka wrote: > >Camellia is widely reviewed and chosen as a recommended cipher by > >several independent committees. > >If CAMELLIA_CBC is dropped by security reason, AES_CBC should be also > >dropped. > > > > There is another reason to drop CAMELLIA: AES with AES-NI is 8 times > faster. AES-NI is supported by the majority of server CPUs right now. > > Camellia is still fast in software, my laptop computes between 90 and > 160 MB/s with openssl and an intel cpu. But if we want to provide the > fastest response time to users, it's important to consider the server > cost on the client side.
It's not because it's enabled that you have to use it. The priority of Camellia is now always below AES. If the server supports AES it should pick it. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
