[Ach] Cipher-Order: AES128/AES256 - was: Secure E-Mail Transport based on DNSSec/TLSA/DANE

Gunnar Haslinger gh.bettercrypto at hitco.at
Tue Nov 3 23:08:56 CET 2015

Am 03.11.2015 um 22:38 schrieb Aaron Zauner:
> I recommend double-checking a cipherstring recommendation against
> *all* 0.9.8 and 1.0.1 branches.

OK ... thats harder than I expected.
But than it seems to be unsolvable for me to get a predictable situation
by recommending a fixed "Cipher Suite B" String.

Maybe the recommendation should not be a fixed CipherString but a
OpenSSL/Distri-specific String?

Or maybe it's possible to write a Script which checks out what OpenSSL
offers on this specific platform and "brute-force-tests" with the very
common configuration-Options what fits best against to be defined

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20151103/59979192/attachment.html>

More information about the Ach mailing list