LibreSSL languishes on Linux
LibreSSL languishes on Linux
Posted Jan 5, 2021 14:02 UTC (Tue) by wqweto (guest, #143975)In reply to: LibreSSL languishes on Linux by tialaramex
Parent article: LibreSSL languishes on Linux
No one in fancy languages camp wants to deal with backward compatibility obviously.
cheers,
</wqw>
Posted Jan 5, 2021 14:49 UTC (Tue)
by Cyberax (✭ supporter ✭, #52523)
[Link] (1 responses)
So AES-CBC is something that you'd want to use with >10 year old code that hasn't been upgraded since then.
Posted Jan 5, 2021 20:17 UTC (Tue)
by tialaramex (subscriber, #21167)
[Link]
Of course the IETF does not have an enforcement arm, if you don't want to implement arguably unsafe choices like TLS_RSA_WITH_AES_128_CBC_SHA then nobody will actually force you to do so. A TLS 1.2 client that only does ECDHE will work on a lot of the web today, and avoids any concerns with how unsafe RSA kex is, but it would not be compliant with the standard and isn't compatible enough that you could say, ship it in a mass market web browser today, likewise for AEAD suites.
LibreSSL languishes on Linux
LibreSSL languishes on Linux