Hi, On Thu, Nov 26, 2020 at 05:04:45PM +0800, Tony He wrote: > Because there is HW crypto engine in some embedded devices, the crypto > engine maybe only supports hmac-sha256-cbc-aes.
OK, I was not aware that there is such special-case hardware. Thanks for the explanation. Yes, in that case it might be nice to add support for these crypto modes to DCO later, when the initial feature set is done, well tested and properly shaken down. For the initial feature set, DCO needs to focus on a subset of features that benefit most users - and that's AES-GCM and CHACHA. gert -- "If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel