On Wed, Nov 19, 2014 at 8:59 AM, joe <[email protected]> wrote:

> Bottom line, I'm just not seeing the "we can't handle AES-256 because of
> its inferior performance relative to AES-128" argument, at least not based
> on the comparative metrics shown above (stipulated: that's for one crypto
> library (openssl), on one particular operating system, on one particular
> piece of hardware).
>
> If there are dramatic issues on other configurations where it would be a
> "dealbreaker," I'd love sample metrics to be able to better understand
> that performance concern.

100% agree. As I've argued (vigorously) on a related list, I've seen zero evidence of informed performance concerns, as opposed to prevalent uninformed FUD, stopping TLS deployment. Companies deploy TLS for business reasons. Relatively minor performance variations don't trump solid business reasons. That said, reducing the overhead is desirable, especially for mobile clients, and at large scale that ~25% difference can matter. There are good reasons to choose 128-bit ciphers, but almost nobody is qualified to make the decision, hence blanket recommendations in BCP documents.

b

_______________________________________________
Uta mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/uta
