fpoirotte / pssht

SSH server written in PHP
https://pssht.readthedocs.io
MIT License

Check compliance with crypto suite B #11

Open fpoirotte opened 9 years ago

fpoirotte commented 9 years ago

See http://www.rfc-editor.org/rfc/rfc6239.txt. The goal of this ticket is to determine whether Pssht could theoretically be compatible with crypto suite B.

I say theoretically since Pssht has never been (and probably never will be) audited for full compliance. Also, as a reminder, Pssht has not been made to be secure and probably cannot be made secure anyway, so if you're thinking of using it to handle confidential data, think again!

fpoirotte commented 9 years ago

Depends on #27. Suite B compliance also requires that options be added in Pssht to restrict the lists of usable algorithms (for encryption/MAC/host keys/public keys/etc.).

fpoirotte commented 5 years ago

See https://tools.ietf.org/html/rfc6239 for some of the implications. See also #27 & #34 for tickets that must first be resolved before we can tackle this issue.
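
The restriction of usable algorithm lists discussed in this thread, sketched as an added example that is not Pssht code and does not use its API. The function name, the category keys and the sample name-lists are hypothetical, and the allow-lists are an assumption transcribed from a reading of RFC 6239 that should be checked against the RFC.

```php
<?php
// Added example, not Pssht code. The allow-lists are an assumption:
// transcribed from a reading of RFC 6239, to be verified against the RFC.
const SUITE_B_ALLOWED = [
    'kex'      => ['ecdh-sha2-nistp256', 'ecdh-sha2-nistp384'],
    'host_key' => ['x509v3-ecdsa-sha2-nistp256', 'x509v3-ecdsa-sha2-nistp384'],
    'cipher'   => ['AEAD_AES_128_GCM', 'AEAD_AES_256_GCM'],
    'mac'      => ['AEAD_AES_128_GCM', 'AEAD_AES_256_GCM'],
];

/**
 * Split each comma-separated name-list, keep only allow-listed names in
 * their original preference order, and report what was dropped.
 * Fails closed: a category left with no usable algorithm throws.
 */
function restrictToSuiteB(array $nameLists): array
{
    $result = ['kept' => [], 'dropped' => []];
    foreach (SUITE_B_ALLOWED as $category => $allowed) {
        $offered = array_values(array_filter(
            explode(',', $nameLists[$category] ?? ''),
            fn (string $name): bool => $name !== ''
        ));
        // Names are compared exactly: SSH algorithm names are case-sensitive.
        $kept = array_values(array_intersect($offered, $allowed));
        if ($kept === []) {
            throw new RuntimeException("No Suite B algorithm left for '$category'");
        }
        $result['kept'][$category] = implode(',', $kept);
        $result['dropped'][$category] = array_values(array_diff($offered, $allowed));
    }
    return $result;
}

// Constructed sample name-lists (hypothetical server configuration).
$configured = [
    'kex'      => 'curve25519-sha256,ecdh-sha2-nistp384,diffie-hellman-group14-sha1',
    'host_key' => 'ssh-rsa,x509v3-ecdsa-sha2-nistp384',
    'cipher'   => 'aes128-ctr,AEAD_AES_256_GCM',
    'mac'      => 'hmac-sha1,AEAD_AES_256_GCM',
];
$report = restrictToSuiteB($configured);
foreach ($report['kept'] as $category => $list) {
    printf("%-8s keep=%s drop=%s\n", $category, $list,
        implode(',', $report['dropped'][$category]));
}
```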