Nikos Mavrogiannopoulos <[email protected]> writes: > I don't think I have anything. I remember I had an initial patch for > the issues in > https://www.mail-archive.com/[email protected]/msg01109.html > but didn't pass the test vectors. I can't find it patch though.
I'm adding it to plan.html, so I don't forget it. > Is it final then that openssh will not use the updated draft? No idea. There have been no recent discussions on the ietf ssh list, and I don't follow openssh development. But the ssh protocol is a bit special, since it encrypts the packet length field. With cacha-poly1305, I think it's natural to use the left over bits of block 0 and xor them to the packet length, but iirc openssh used a separately keyed chacha instance instead. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance. _______________________________________________ nettle-bugs mailing list [email protected] http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs
