[Ach] Proposal to change B cipher spec

[Aaron Zauner]

Hi Guys,

So far I've heard a lot of pros for keeping CAMELLIA and barely any
contra (except mine and that of iang). I have also given some thought to
it and I'd say we keep CAMELLIA in there as long as no public
vulnerabilities are known. CAMELLIA may still be used for TLS<->TLS
connections even if it is not supported by any browser. We're catering
for more than just webservers here. Althoug they are a very big part of
the reason for us to write these recommendations.

The preference of CAMELLIA is another question I have to ask, speed wise
AES will outperform CAMELLIA and this might actually prevent people from
deploying our configurations in real-world setups as well as linux
distributions alining their policy to our recommendations where
possible. This, in the end, should be one of our goals, right? We'd like
to have recommendations that people actually do deploy. We will have to
do a compromise between the best choices and actual deployability. I
know it's called "bettercrypto" but we're not cryptographers, we are
people trying to get the best currently possible crypto deployed on the
internet.


As you might have seen I have exluded the IDEA cipher completely so it
may not come up on old installations (I haven't noticed it in newer ones
i.e. openssl 0.9.8 and above).

Aaron

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20140406/d4a61208/attachment.sig>