On 2/4/16, 12:10 , "openssl-dev on behalf of Kurt Roeckx via RT" <openssl-dev-boun...@openssl.org on behalf of r...@openssl.org> wrote:
>On Thu, Feb 04, 2016 at 10:10:06AM +0000, Moonchild via RT wrote: >> Really? >> >> That's all we get, a one-liner, no explanation, no rationale, response? >> It's not even "brand new" functionality, Camellia as a raw cipher is >>already >> in there, the only difference is wrapping it into GCM-based suites. >>Patches >> are available, too. > >I think the concerns are: >- Nobody else seems to be using Camellia I thought it’s used pretty widely in Asia. >- We don't have a constant time implementation of it Something to write in the documentation - not everybody needs to worry about this (contrary to what some academia publications seemed to imply). >- For processors that have AESNI, it's slower than AES So…? People who want to use it, most likely do it for reasons other than speed. >- Adding more ciphers to the default list will just increase the > client hello and not change anything. ??? >That being said, I don't think there should be a problem adding >the support. I'm just not sure about enabling it by default. Enabling by default probably is unnecessary, IMHO.
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
