Hm, I think that I actually agree. But David's done enough, so I'll have a look myself.
On Thu, Mar 3, 2016 at 5:33 PM Blumenthal, Uri - 0553 - MITLL < u...@ll.mit.edu> wrote: > On 3/3/16, 11:30 , "openssl-dev on behalf of Hanno Böck" > <openssl-dev-boun...@openssl.org on behalf of ha...@hboeck.de> wrote: > > >On Thu, 03 Mar 2016 16:18:57 +0000 Emilia Käsper <emi...@openssl.org> > >wrote: > >>https://github.com/openssl/openssl/pull/783 > > > >This is different from what I had in mind. > >... > >I would argue that cbc/hmac is so fragile that it's always preferrable > >to have aead before cbc/hmac. The security difference between 128 and > >256 bit aes is imho mostly irrelevant in practice. > > Again, +1 > > Perhaps David can do his magic again? :-) > -- > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev >
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
