Let's do a GNU TSL
Nikos Mavroyanopoulos
nmav at hellug.gr
Thu Feb 24 19:08:23 CET 2000
On Thu, Feb 24, 2000 at 05:28:55PM +0100, Werner Koch wrote:
> > To implement this we need an hmac implementation (I've already done one
> > for libmhash so it is no problem to make that again)
> I also did one which is still in this gsti library used as libgcrypt
> testbed but it will be moved to libgcrypt.
ok.
> > Also a pseudorandom function is needed in order to compute keys (the PRF in
> > the standard).
> Why a pseudorandom function - predictable keys are used in SSL? I
> can't believe it. libgcrypt has a CSPRNG.
No, the pseudorandom function here (I think the name is not a good choice)
just expands a secret (key), just like the s2k algorithms in OpenPGP.
> > Maybe we'll need also a compression algorithm (the standard does not specify any),
> > and rc4 (so arcfour), rc2, des, 3des, and idea implementations.
> Are these all MUST algorithms? If they are SHOULD we don't need
> to implement rc2 and idea because they are patent encumbered.
No, they are not must algorithms. The only must algorithm is 3des.
However I do not think rc2 is patented since rfc2268 describes rc2 and does not
mention anything about patents. RC4 is used in almost all ssl implementations
so I think it is a good thing to have it.
> Nikos, can we take this to the new mailinglist?
I thought I'd sent that to the mailing list, I've just forwarded it!
> Werner
--
Nikos Mavroyanopoulos
mailto:nmav at hellug.gr