Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Emilia Käsper
On Tue, Nov 17, 2015 at 11:12 AM, Jeffrey Walton wrote:
> > MD2 - (The argument that someone somewhere may want to keep verifying old
> > MD2 signatures on self-signed certs doesn't seem like a compelling enough
> > reason to me. It's been disabled by default since OpenSSL

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Mark H. Wood
With regard to the idea that one can simply make older algorithms Somebody Else's Problem: is it *known* that another viable, well-maintained product sees this as one of its roles? That would be more reassuring, I think, than just hoping that some unknown group will step into the gap. -- Mark

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Jeffrey Walton
>> We can significantly reduce that liability by removing any assembler
>> optimisations. Also just because something is available doesn't mean it
>> has to be "default". We can have good defaults whilst keeping old crypto.
>
> Zooko Wilcox O'Hearn recently gave a talk at a software assurance
>

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Jeffrey Walton
On Tue, Nov 17, 2015 at 7:21 AM, Emilia Käsper wrote: > > > On Tue, Nov 17, 2015 at 11:12 AM, Jeffrey Walton wrote: >> >> > MD2 - (The argument that someone somewhere may want to keep verifying >> > old >> > MD2 signatures on self-signed certs doesn't seem

Re: [openssl-users] Does openssl server always choose highest TLS version offered?

2015-11-17 Thread Salz, Rich
? I have seen rumors (nothing reliable) that the TLS WG is proposing to disable a whole lot of good cipher suites in TLS 1.3. Well, it's pretty easy to verify. Look at the IETF TLS-WG web page, and get a pointer to the current draft doc. Yes, TLS removes non-AEAD ciphers, and has only PFS key

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Viktor Dukhovni
On Tue, Nov 17, 2015 at 11:24:17AM -0800, Jay Foster wrote:
> I can understand the desire to remove the assembly code options, *ONLY* for deprecated legacy algorithms, as an alternative to the proposal to remove the algorithm entirely.
> I recently updated a product I support (50MHz single

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Jay Foster
On 11/17/2015 9:56 AM, Jeffrey Walton wrote: We can significantly reduce that liability by removing any assembler optimisations. Also just because something is available doesn't mean it has to be "default". We can have good defaults whilst keeping old crypto. Zooko Wilcox O'Hearn recently gave

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Jeffrey Walton
> MD2 - (The argument that someone somewhere may want to keep verifying old > MD2 signatures on self-signed certs doesn't seem like a compelling enough > reason to me. It's been disabled by default since OpenSSL 1.0.0.) > ... Apple still provides two Verisign certificates using

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Jeffrey Walton
>> I asked for mainstream use-cases for algorithms whose removal could
>> cause widespread pain. Some individual users, undoubtedly, will be hit
>> by this, and I acknowledge that they may not be reading this list. But I
>> wanted to know if I'd missed something endemic. I also asked elsewhere:
>>

[openssl-users] FIPS certification for AES GCM mode algorithm

2015-11-17 Thread Leon Brits
Hi all, We are using the OpenSSL FIPS module v2.0 and are in the process of certifying the algorithms for our implementation. As part of this process there are different types of questionnaires about the algorithms. The questionnaire for AES GCM mode asks: : : Input Data Lengths (0 to 65536

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-17 Thread Benjamin Kaduk
On 11/17/2015 12:00 PM, Jeffrey Walton wrote: > > > Also, if OpenSSL requires iOS 9 or above, then its setting policy for users. In some sense, yes. But it has always done so -- OpenSSL only supports certain platforms, and certain versions of certain platforms. There are prerequisites to being