On Fri, Jun 30, 2006 at 09:41:08AM -0700, Chris Clark wrote: >> It's not a bug that AES182 is classified as "HIGH", although it is a >> missing feature that there is no class that encompasses only the >> 256-bit ciphers. That's why there now is "@STRENGTH", which does >> not add any ciphers and just sorts the one enabled so far.
> I assume "AES182" is a typo for AES128. Yes, sorry. > This is indeed a bug in OpenSSL according to the documentation at > http://www.openssl.org/docs/apps/ciphers.html): > > HIGH - with key lengths larger than 128 bits. > MEDIUM - those using 128 bit encryption. > LOW - those using 64 or 56 bit encryption algorithms excluding export > ciphers. > > But if I just use 'Medium' it does not select AES128. > and If I use 'High' then it selects both AES128 and AES256. Oh, I see. Actually this is a bug in the documentation since it was an intentional between from OpenSSL 0.9.8 and 0.9.8a to classify AES128 as "HIGH" (like triple DES, elevating these over 128-bit RC4, which remains "MEDIUM"). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
