Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/18/2015 07:05 AM, Hubert Kario wrote: > So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to support > both relatively modern TLS with user certificates, preferably the newest > cryptosystems and hashes as well as the oldest ones that were > standardised and used. > > That

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 18 November 2015 at 17:57, Hubert Kario wrote: > On Wednesday 18 November 2015 11:12:59 Benjamin Kaduk wrote: > > On 11/18/2015 07:05 AM, Hubert Kario wrote: > > > So, a full CAdES-A, XAdES-A or PAdES-A implementation _needs_ to > > > support both relatively modern TLS with

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On 11/18/2015 12:52 PM, Blumenthal, Uri - 0553 - MITLL wrote: > On 11/18/15, 12:12 , "openssl-dev on behalf of Benjamin Kaduk" > wrote: > >> On 11/18/2015 07:05 AM, Hubert Kario wrote: >>> So, a full CAdES-A, XAdES-A or PAdES-A

Re: [openssl-users] Does openssl server always choose highest TLS version offered?

On 18/11/2015 00:25, Salz, Rich wrote: ØI have seen rumors (nothing reliable) that the TLS WG is proposing to disable a whole lot of good cipher suites in TLS 1.3. Well, it’s pretty easy to verify. Look at the IETF TLS-WG web page, and get a pointer to the current draft doc. Yes, TLS

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

On Wed, Nov 18, 2015 at 02:34:41PM -0600, Benjamin Kaduk wrote: > > No, of course not. But after letting people depend on this “single > > cryptographic library” for many years, telling them “too bad” isn’t very > > nice. > > I guess I'm just having a hard time wrapping my head around why, upon