-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello people,
An enhancement request here for OpenSSL to add support for Camellia in GCM with ECC key exchange. Rationale: Camellia has been recognized as a modern and supported cipher by ENISA, NESSIE, CRYPTREC, ISO and IETF among others so should be supported long-term. OpenSSL currently only supports the (rather expensive) DHE/RSA CBC+IV versions of the suite, and should be updated with the ECC and GCM modes of operation. It's important to have at least one cipher coming from non-US expert bodies that is maintained to the same level as AES currently is, and OpenSSL seems to be trailing behind in that respect. I would request addition of at least the following: TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 (0xc086) TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 (0xc08a) And possibly their 256-bit counterparts These suites are already supported in e.g. GNUTLS, Botan and PolarSSL, iiuc. Firefox will also be adding the GCM versions of Camellia to NSS, and my own browser (Pale Moon) also has it slated for the next milestone. Considering the large use of OpenSSL to build other software on, including big names, e.g. nginx, it's of great importance to add these suites. Thanks for your consideration, Moonchild (AKA Mark) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iF4EAREIAAYFAlYVsD8ACgkQEguw022l8qzGgAD+K6r2gxYYQRjrfAqz+JX1ClG9 1wsCrrMe1GZlnQLjAS0BAJmLVXej56Xpd8qNK4+tMucquUIjip8TNxTKyQu/MOeB =wzz5 -----END PGP SIGNATURE----- _______________________________________________ openssl-bugs-mod mailing list openssl-bugs-...@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
