linuxdcpp-team team mailing list archive

Thread
Date

[Bug 1620106] Re: Upgrade to OpenSSL 1.1

To: linuxdcpp-team@xxxxxxxxxxxxxxxxxxx
From: cologic <1620106@xxxxxxxxxxxxxxxxxx>
Date: Sun, 04 Sep 2016 21:40:33 -0000
Reply-to: Bug 1620106 <1620106@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

That's fair. I'll retract this bug.

I'm still looking forward to using
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 and
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
preferentially, since
https://www.ietf.org/proceedings/88/slides/slides-88-tls-1.pdf suggests
they're almost 4 times faster on both x86 and ARM than the existing AES-
GCM ciphers and avoid certain GCM cryptographic brittleness/fragility.

** Changed in: dcplusplus
       Status: New => Won't Fix

** Summary changed:

- Upgrade to OpenSSL 1.1
+ Upgrade to OpenSSL 1.1.0

-- 
You received this bug notification because you are a member of
Dcplusplus-team, which is subscribed to DC++.
https://bugs.launchpad.net/bugs/1620106

Title:
  Upgrade to OpenSSL 1.1.0

Status in DC++:
  Won't Fix

Bug description:
  https://www.openssl.org/news/changelog.html#x1 notes:
    *) Support for ChaCha20 and Poly1305 added to libcrypto and libssl.
       [Andy Polyakov]

    *) CCM support via EVP. Interface is very similar to GCM case except we
       must supply all data in one chunk (i.e. no update, final) and the
       message length must be supplied if AAD is used. Add algorithm test
       support.
       [Steve Henson]

  Which are useful to have going forward, and to be useful, to get in as
  early a version as feasible.

To manage notifications about this bug go to:
https://bugs.launchpad.net/dcplusplus/+bug/1620106/+subscriptions

References

[Bug 1620106] [NEW] Upgrade to OpenSSL 1.1
From: cologic, 2016-09-04