On Thu, Feb 04, 2016 at 10:10:06AM +0000, Moonchild via RT wrote: > Really? > > That's all we get, a one-liner, no explanation, no rationale, response? > It's not even "brand new" functionality, Camellia as a raw cipher is already > in there, the only difference is wrapping it into GCM-based suites. Patches > are available, too.
I think the concerns are: - Nobody else seems to be using Camellia - We don't have a constant time implementation of it - For processors that have AESNI, it's slower than AES - Adding more ciphers to the default list will just increase the client hello and not change anything. That being said, I don't think there should be a problem adding the support. I'm just not sure about enabling it by default. Kurt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
