On Thu, 2014-09-11 at 15:00 +0200, Ralph Holz wrote: > Hi, > > >> The fact that implementations of Camellia exist does not mean they are > >> error-free. The cipher is in little use, too, so I doubt the > >> implementations have seen a lot of scrutiny. > > > > I doubt that. Camellia was even preferred to AES in browsers like chrome > > and firefox for quite long time (that is no longer the case though). > > https://bugzilla.mozilla.org/show_bug.cgi?id=430875 > > http://crypto.stackexchange.com/questions/6530/why-is-camellia-suddenly-so-widely-used > > > > So there is no technical reason for not having camellia in a BCP. > > Fair enough, but what about PolarSSL or GnuTLS? Not saying the devs > didn't do their job; just that we might rush something here.
What about them? Do you have any reasons to believe that the implementation there is flawed? As I'm the one who develops gnutls I have no such reasons to believe so. regards, Nikos _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
