[Swan-dev] include -NONE- when logging AEAD proposals?

Tuomo Soini tis at foobar.fi
Wed Sep 23 19:03:53 UTC 2020

On Wed, 23 Sep 2020 13:37:08 -0400
Andrew Cagney <andrew.cagney at gmail.com> wrote:

> The two choices I point forward were:
>   <encr>-<prf>-<dh> AES_CBC-HMAC_SHA2_256-DH31
>   <encr>-<integ>-<prf>-<dh>
> AES_CBC-HMAC_SHA2_256_128-HMAC_SHA2_256-DH31 I guess technically
> there's also: <encr>-<integ>-<dh> AES_CBC-HMAC_SHA2_256_128-DH31

> If we don't want to support prf!=integ then, I suspect, not showing
> the quad, even when the PRF/INTEG direct map, is safer.
> So add -none- and then let the dust settle.

I'm ok with that - but it must be documented somewhere that when prf
and integrity are same algo is printed only once. And if integrity
checking is in algo integrity algoritm is printed as none. But where to
document there?

Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>

More information about the Swan-dev mailing list