-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 08/10/2015 10:53, Alessandro Ghedini via RT wrote: > Patches for this are available at [0], however there has been some > resistance to adding the new TLS cipher suites to OpenSSL (see [1]), so > the discussion has stalled.
That's really disappointing! I don't understand the resistance to this addition. It's a cipher with no known attacks found over the past decade or so... >> These suites are already supported in e.g. GNUTLS, Botan and PolarSSL, >> iiuc. Firefox will also be adding the GCM versions of Camellia to NSS > > Do you have a source for the news above? IIRC Firefox used to support > Camellia, but dropped it in v37 or so. Other libs supporting this: GNUTLS: http://gnutls.org/manual/html_node/Supported-ciphersuites.html Botan: http://botan.randombit.net/manual/tls.html#tls-policies PolarSSL: https://tls.mbed.org/supported-ssl-ciphersuites Addition to Firefox/NSS: See recent discussion in https://bugzilla.mozilla.org/show_bug.cgi?id=1211248 (which addresses the premature removal of Camellia CBC ciphers) and recent activity on https://bugzilla.mozilla.org/show_bug.cgi?id=940119 (the actual implementation bug, which had stalled for a while but seems to want to get moving again. It has a reviewed patch.) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iF4EAREIAAYFAlYWQZkACgkQEguw022l8qzFBgD/d+FXvjUQA8CiqpA1ID1hm5em DFTBvTWBq5h5TIITRQ0A/0szG+yjimez7doxczfqzCpa8pb67BgegSAkUpsF6z8a =hAzy -----END PGP SIGNATURE----- _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
