... | ... | @@ -15,13 +15,13 @@ Released date: Possibly end of March 2015 (depending on nettle 3.1 release) |
|
|
### Protocol/Ciphers:
|
|
|
* [#] **[Chacha cipher + poly1305 MAC](http://tools.ietf.org/html/draft-mavrogiannopoulos-chacha-tls-02):** An AEAD combination of chacha with the poly1305 authenticator for performance in software implementations. A former variant of it is already being used by google's servers for communication between them and chrome. That in addition would allow the use of fast stream cipher in DTLS. Depends on having a new nettle release which updates to the latest draft of Chacha-poly1305. **Postponed until Chacha-poly1305 is standardized by IETF**
|
|
|
|
|
|
* [x] **[AES-CCM](https://tools.ietf.org/html/rfc6655) and [AES-ECC-CCM](https://tools.ietf.org/html/rfc7251):** An alternative AES AEAD construction using CTR and CBC-MAC. Depends on porting to nettle 3.0.
|
|
|
* [x] **[AES-CCM](https://tools.ietf.org/html/rfc6655) and [AES-ECC-CCM](https://tools.ietf.org/html/rfc7251):** An alternative AES AEAD construction using CTR and CBC-MAC.
|
|
|
|
|
|
* [#] **Support for alternative to NIST elliptic curves:** There is a lot of hype around the curves defined by NIST and although there are many exaggerations, having alternatives is a good thing. Related drafts/RFCs: [http://tools.ietf.org/html/draft-josefsson-tls-curve25519-06](http://tools.ietf.org/html/draft-josefsson-tls-curve25519-06), [http://tools.ietf.org/html/rfc7027](http://tools.ietf.org/html/rfc7027) **Postponed; nettle doesn't support brainpool and curve25519 is not standardized yet**
|
|
|
|
|
|
* [x] **[Disable SSL 3.0 by default](http://nmav.gnutls.org/2014/10/what-about-poodle.html)**
|
|
|
|
|
|
* [x] **[Support for Encrypt-then-authenticate mode](http://tools.ietf.org/html/rfc7366):** That is becoming less and less relevant as GCM is becoming mainstream, but needed as the CBC ciphersuites are the only alternative and there is no plan to retire or replace them. **Note: [Implemented an errata version of the RFC](http://www.ietf.org/mail-archive/web/tls/current/msg14357.html).**
|
|
|
* [x] **[Support for Encrypt-then-authenticate mode](http://tools.ietf.org/html/rfc7366):** That is becoming less and less relevant as GCM is becoming mainstream, but needed as the CBC ciphersuites are the only alternative and there is no plan to retire or replace them. **Note: [Implemented an errata version of the RFC](http://www.rfc-editor.org/errata_search.php?rfc=7366).**
|
|
|
|
|
|
* [x] **[Fix for triple handshake](http://tools.ietf.org/html/draft-ietf-tls-session-hash-02):** Implement the proposed fix.
|
|
|
|
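Review bot: The Encrypt-then-authenticate item now links its errata note to the errata search for all of RFC 7366 (http://www.rfc-editor.org/errata_search.php?rfc=7366) instead of the specific TLS list message it replaced, so a reader can no longer tell which erratum the implementation follows; cite the erratum ID in the note text (or keep the list-message link next to the search link) so implementers can check interoperability against the exact corrected MAC computation. A smaller point on the same hunk: "Depends on porting to nettle 3.0." is dropped from the AES-CCM item while the header still reads "depending on nettle 3.1 release"; if the CCM code now targets nettle 3.1, state that in the item rather than removing the dependency silently, since the [x] mark otherwise gives no hint which nettle version the feature needs.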