> Out-of-curiosity, is the ChaCha-over-GCM to be configurable for the server > admin, or is it hidden black magic?
On the server-side, I think most of them work the same way: if the client puts ChaCha at the start of its list, and the server is configured with ChaCha as one of its ciphers, then the server "moves" Chacha to the front of its list and proceeds as normal. I think the CloudFlare patches just implemented that policy in code, based on patches they posted. I'm not going to say how Akamai did it except that no animal sacrifice is involved. I don't know how Google did it, but see next paragraph. On the crypto-library side, boringSSL had equivalence classes so you could specify that by configuring the CIPHER list. If running in a server, and the configured ciphers were like "[AES:CHACHA]:3DES:RC4" for example, then either AES or ChaCha would be picked. I don't know if Google servers use that, but I'd be a bit surprised if they didn't. As for OpenSSL, we need to figure out something. The "ciphers" syntax is showing its age. -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: [email protected] Twitter: RichSalz _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
