Author christian.heimes
Recipients alex, christian.heimes, dstufft, giampaolo.rodola, gregory.p.smith, janssen, pitrou
Date 2016-08-25.07:36:42
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
GPS, sure it is simple enough under Linux. But what about other operating systems? OPENSSL_ia32cap_loc() works under Windows, too.

Antoine, AES-GCM is still faster and performs better than ChaCha20 Poly1305. NSS and Mozilla's recommended cipher suite list prefers AES-GCM over ChaCha20, too.

It's reasonable and simple to provide the best cipher suite that matches the systems' capabilities. As Alex stated, performance is security.

To provide the CPU capabilities to the ssl module and 3rd party authors (e.g. Cory asked on behalf of requests), let's keep ssl._ia32cap() a private function and just add two constants: HAVE_AESNI = True/False/None, HAVE_PCLMULQDQ = True/False/None (None: ia32cap is not available on the system). Is that ok with you?
Date User Action Args
2016-08-25 07:36:43christian.heimessetrecipients: + christian.heimes, gregory.p.smith, janssen, pitrou, giampaolo.rodola, alex, dstufft
2016-08-25 07:36:43christian.heimessetmessageid: <>
2016-08-25 07:36:43christian.heimeslinkissue27768 messages
2016-08-25 07:36:42christian.heimescreate