[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Should we settle on one SSL implementation?

From: Paul Wouters <paul xelerance com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Cc: Jesse Keating <jkeating redhat com>, Oisin Feeley <oisin feeley gmail com>
Subject: Re: Should we settle on one SSL implementation?
Date: Sat, 27 Oct 2007 15:07:12 -0400 (EDT)

On Sat, 27 Oct 2007, Steve Grubb wrote:

> During F9, there will be another parallel and somewhat related project to hunt
> down places where md-5 and sha-1 are being used and look at improving the
> situation so that sha-256, and in some cases other hash algorithms, could be
> used.

Also, as Michael Richardson <mcr xelerance com> reminded me:

	SHA256 is slower, and there are no hardware accelerators for it.
	(while, I think, VIA supports SHA1 acceleration?)
	If you want to switch, a switch to accelerated AES-XCBC would be a
	better choice, I think.  Or, AES-GCM mode, which hashes and encrypts in
	one step.

Paul

References:
- Should we settle on one SSL implementation?
  - From: Bernardo Innocenti
- Re: Should we settle on one SSL implementation?
  - From: Bernardo Innocenti
- Re: Should we settle on one SSL implementation?
  - From: Oisin Feeley
- Re: Should we settle on one SSL implementation?
  - From: Steve Grubb

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]