Author christian.heimes
Recipients Lukasa, alex, christian.heimes, dstufft, giampaolo.rodola, hynek, janssen
Date 2016-08-15.12:12:43
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <a2a6ee27-acb8-2faa-a36c-49928afd098a@cheimes.de>
In-reply-to <1471259355.13.0.807885563493.issue27766@psf.upfronthosting.co.za>
Content
On 2016-08-15 13:09, Alex Gaynor wrote:
> 
> Alex Gaynor added the comment:
> 
> So, for servers really what we care about is if the _client_ has PCLMULQDQ/AESNI, not whether the server itself does. Unfortunately, there's no sane way to do this.

For servers we want to prefer CHACHA20 over AESGCM iff both sides have
AES-NI and CLMUL. A server on a device such as a RPi benefits from
CHACHA20, too. For that reason I also changed the server side cipher string.

As you already said, there is no way to express this with OpenSSL cipher
suite string.
History
Date User Action Args
2016-08-15 12:12:43christian.heimessetrecipients: + christian.heimes, janssen, giampaolo.rodola, alex, hynek, dstufft, Lukasa
2016-08-15 12:12:43christian.heimeslinkissue27766 messages
2016-08-15 12:12:43christian.heimescreate