Re: Let's do a GNU TSL
From: Nikos Mavroyanopoulos
Subject: Re: Let's do a GNU TSL
Date: Thu, 24 Feb 2000 20:08:23 +0200
User-agent: Mutt/1.0i

On Thu, Feb 24, 2000 at 05:28:55PM +0100, Werner Koch wrote:
> > To implement this we need an hmac implementation (I've already done one
> > for libmhash so it is no problem to make that again)
> I also did one which is still in this gsti library used as libgcrypt
> testbed but it will be moved to libgcrypt.
ok.
> > Also a pseudorandom function is needed in order to compute keys (the PRF in
> > the standard).
> Why a pseudorandom function - predictable keys are used in SSL? I
> can't believe. libgcrypt has a CSPRNG.
No, the pseudorandom function here (I think the name is not a good choice)
just expands a secret (key) (just like the s2k algorithms in OpenPGP).
> > Maybe we'll need also a compression algorithm (the standard does not
> > specify any),
> > and rc4 (so arcfour), rc2, des, 3des, and idea implementations.
> Are these all MUST algorithms? If they are SHOULD we don't need
> to implement rc2 and idea because they are patent encumbered.
No, they are not must algorithms. The only must algorithm is 3des.
However I do not think rc2 is patented since rfc2268 describes rc2 and does not
mention anything about patents. RC4 is used in almost all ssl implementations
so i think it is a good thing to have it.
> Nikos, can we take this to the new mailinglist?
I thought I'd sent that to the mailing list; I've just forwarded it!
> Werner
--
Nikos Mavroyanopoulos
mailto:address@hidden