[gnutls-devel] forcing 256bit symetric?
cloos at jhcloos.com
Thu Apr 16 19:18:46 CEST 2015
>>>>> "NM" == Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:
JC>> What is the shortest priority to demand aes256, prefering aead, but
JC>> accept the certs in actual use in the wild?
That gave me the hint I needed. I ended up with:
I'll add +AES-256-CCM once I know it is happy on my box.
>> SECURE256 fails because it demands sha512 and essentially no one uses
>> that to sign certs.
NM> Correct. We may need different keywords to indicate secrecy level of
NM> 256-bits, while keeping the handshake security level to the current
Sounds like a plan.
James Cloos <cloos at jhcloos.com> OpenPGP: 0x997A9F17ED7DAEA6
More information about the Gnutls-devel