[Swan-dev] a better unified proposal matcher
Paul Wouters
paul at nohats.ca
Mon Mar 2 05:04:25 EET 2015
On Fri, 27 Feb 2015, Andrew Cagney wrote:
> By bits I'm guessing you mean the different transform types: ENCR,
> INTEG, PRF, DH, ...
Yes.
> The critical change is to not do any combinatory explosion at all.
> Instead just go through the transforms once; and look at each
> independently.
Sure, but you have to do that per received proposal set, which are sent
in order of preference by the sender.
> That means, instead of trying to form and then match an entire
> combination such as aes_cbc+sha2_256+modp2048+sha2_256 we look at the
> transforms independently, and combine the result at the end.
Yes, that would be better.
Paul
More information about the Swan-dev
mailing list