On Tue, Apr 03, 2001 at 06:30:27PM +0100, Adam Langley wrote: > On Mon, Apr 02, 2001 at 02:12:41PM -0400, Tavin Cole wrote: > > I have been working on the FCPHandler servlet to bring it in line with the > > latest revisions to the FCP spec, and I've found a couple holes. We need > > to provide a SizeError response to a ClientPut in case the size of the > > data exceeds what is allowed for that key type (e.g. the 32k limit on > > non-CHKs). > > Yep, SizeError is a good call. Done. > > > Also, we need to allow a CipherName field in ClientPut which > > should probably default to Twofish.. (right now the FCPHandler is > > defaulting to Rijndael -- ??). > > Hmm, really? Should we? FNP has always been pretty conservative in > it's ciphers used and that helps stop cipher-creep (see the bloated > shit that is SSL). > > Scott, do we really want this? We use Twofish for document encryption currently, mostly to force implementations to abstract their cipher support in case we need to change ciphers. This could go either way really. You could add that to support that same argument, or you could use Rijndael.
-------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20010403/10abf0fa/attachment.pgp>
