On 2/8/19 3:14 PM, Gary E. Miller via devel wrote: > My point is that instead of coming up with somthing new,we should try > hard to stick to longstanding and well battle tested existing cipher > strings.
Agreed! Unfortunately, in this case, I'm not sure if OpenSSL implements cipher strings for AEAD selection. I don't think they do. So _if_ we implement more than AES_SIV_CMAC_256, we may have to roll our own. However, _if_ we have to roll our own, we should make it behave similarly to OpenSSL cipher strings. -- Richard
signature.asc
Description: OpenPGP digital signature
_______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
