* On 03 Feb 2015, Brendan Cully wrote:
> >
> > Thanks for your input! I did do a little searching around.
> >
> > In the openssl changelog for 0.9.7 [31 Dec 2002]:
> > https://www.openssl.org/news/changelog.html
> > it mentions Rijndael and aes a few times.
> >
> > I also found a ticket from 2/2004:
> > https://rt.openssl.org/Ticket/Display.html?id=834&user=guest&pass=guest
> > that indicates the -aes256 flag was already supported back then.
> >
> > I can't say for certain that it's universal at this point though, as I
> > haven't really paid much attention on openssl up to this point! :-)
> >
> > So unless someone can proclaim that with certainty, I'll just push the
> > des3 default in a few days. At least the other options are documented
> > and people can adjust as they see fit.
>
> I think I'd prefer to go the other way, and default to the stronger
> cipher. On those systems where it's unavailable the default can be
> overridden, but the user will have her eyes open.

Basically I agree. If only a few people are left out then it's better
to go with the more secure option. If the change sidelines a majority,
then it's less appealing. But I think as Kevin pointed out aes256 is
very widely supported. I think all the major server releases support
it, just a question to me of popular desktop platforms (which I don't
use, so...).

So yes, let's push aes256 as default unless someone gives a compelling
case for not doing so.

-- 
David Champion • [email protected]
