From: Michael Wojcik [mailto:michael.woj...@microfocus.com]
Thanks for the detailed and thoughtful response. I only want to respond to a
few of your points.
One is simply that we're seeing a lot of
OpenSSL roadmap announcements. That's good in the sense that before the
funding boost,
I agree with Viktor. His suggestion (keep RC4 in MEDIUM, suppress it
explicilty in DEFAULT) is a good one that maintains important backward
compatibility while providing the desired removal of RC4 by default. There's
no advantage to moving RC4 to LOW.
Sure there is: it's an accurate
All sorts of things can be done. Clearly, in the Brave New World of well-
funded OpenSSL, they'll have to be, because it's apparent that we're going to
see a lot of disruptive change made on the flimsiest of pretexts, with
objections from the user community brushed aside. That's your
On 11/02/2015 16:46, Salz, Rich wrote:
I agree with Viktor. His suggestion (keep RC4 in MEDIUM, suppress it
explicilty in DEFAULT) is a good one that maintains important backward
compatibility while providing the desired removal of RC4 by default. There's
no advantage to moving RC4 to LOW.
Sure
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Salz, Rich
Sent: Wednesday, February 11, 2015 10:47
To: openssl-users@openssl.org; openssl-...@openssl.org
Subject: Re: [openssl-users] [openssl-dev] Proposed cipher changes for
post-1.0.2
I agree with Viktor
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Viktor Dukhovni
Sent: Tuesday, February 10, 2015 21:01
To: openssl-...@openssl.org; openssl-users@openssl.org
Subject: Re: [openssl-users] [openssl-dev] Proposed cipher changes for
post-1.0.2
On Wed, Feb 11, 2015
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
Of Salz, Rich
Sent: Wednesday, February 11, 2015 13:26
To: openssl-users@openssl.org
Subject: Re: [openssl-users] [openssl-dev] Proposed cipher changes for
post-1.0.2
All sorts of things can be done. Clearly
On Wed, Feb 11, 2015 at 12:59:22PM +0100, Hubert Kario wrote:
On Tuesday 10 February 2015 21:46:46 Viktor Dukhovni wrote:
On Tue, Feb 10, 2015 at 09:15:36PM +, Salz, Rich wrote:
I would like to make the following changes in the cipher specs, in the
master branch, which is planned for
On Wed, Feb 11, 2015 at 03:46:54PM +, Salz, Rich wrote:
I agree with Viktor. His suggestion (keep RC4 in MEDIUM, suppress it
explicitly in DEFAULT) is a good one that maintains important backward
compatibility while providing the desired removal of RC4 by default. There's
no advantage
On Tue, Feb 10, 2015 at 06:17:38PM -0500, Daniel Kahn Gillmor wrote:
On Tue 2015-02-10 16:15:36 -0500, Salz, Rich wrote:
I would like to make the following changes in the cipher specs, in the
master branch, which is planned for the next release after 1.0.2
Anything that uses RC4 or MD5
On Wed, Feb 11, 2015 at 12:22:44AM +, Salz, Rich wrote:
RC4 in LOW has a bit of pushback so far. My cover for it is that
the IETF says don't use it. So I think saying if you want it,
say so is the way to go.
By all means, don't use it, but it is not OpenSSL's choice to make
by breaking
By all means, don't use it, but it is not OpenSSL's choice to make by breaking
the meaning of existing interfaces.
Except that we've explicitly stated we're breaking things with this new release.
Those magic cipher keywords are point-in-time statements. And time has moved
on.
On Wed, Feb 11, 2015 at 03:30:57AM +, Salz, Rich wrote:
By all means, don't use it, but it is not OpenSSL's choice to make by
breaking
the meaning of existing interfaces.
Except that we've explicitly stated we're breaking things with this new
release.
Those magic cipher
currently, this is an error:
0 dkg@alice:~$ openssl ciphers -v ALL:!NO-SUCH-CIPHER
bash: !NO-SUCH-CIPHER: event not found
0 dkg@alice:~$
Yeah, but that's coming from bash, not openssl :)
; openssl ciphers -v ALL | wc
111 6758403
; openssl ciphers -v ALL:!FOOBAR | wc
111
On Wed, Feb 11, 2015 at 01:50:07AM -0500, Daniel Kahn Gillmor wrote:
RC4 in LOW has a bit of pushback so far. My cover for it is that the
IETF says don't use it. So I think saying if you want it, say so is
the way to go.
I think that's the correct position. People who want to be able
On Tue, Feb 10, 2015 at 09:15:36PM +, Salz, Rich wrote:
I would like to make the following changes in the cipher specs, in the master
branch, which is planned for the next release after 1.0.2
Anything that uses RC4 or MD5 what was in MEDIUM is now moved to LOW
Note, that RC4 is already
16 matches
Mail list logo