Let's do a GNU TSL

Nikos Mavroyanopoulos nmav at hellug.gr
Thu Feb 24 19:08:23 CET 2000

On Thu, Feb 24, 2000 at 05:28:55PM +0100, Werner Koch wrote:

> > To implement this we need an hmac implementation (I've already done one
> > for libmhash so it is no problem to make that again)
> I also did one which is still in this gsti library used as libgcrypt
> testbed but it will be moved to libgcrypt.  
> > Also a pseudorandom function is needed in order to compute keys (the PRF in
> > the standard).
> Why a pseudorandom function - predictable keys are used in SSL?  I
> can't believe.  libgcrypt has a CSPRNG.

No, the pseudorandom function here (I think the name is not a good choice)
just expands a secret (key). (Just like the s2k algorithms in OpenPGP.)

> > Maybe we'll need also a compression algorithm (the standard does not specify any),
> > and rc4 (so arcfour), rc2, des, 3des, and idea implementations.
> Are these all MUST algorithms?  If they are SHOULD we don't need
> to implement rc2 and idea because they are patent encumbered.

No, they are not must algorithms. The only must algorithm is 3des.
However I do not think rc2 is patented since rfc2268 describes rc2 and does not
mention anything about patents. RC4 is used in almost all ssl implementations
so I think it is a good thing to have it.

> Nikos, can we take this to the new mailinglist?

I thought I've sent that to the mailing list, I've just forwarded it!
>   Werner

Nikos Mavroyanopoulos
mailto:nmav at hellug.gr
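
Added example, not part of the original message and not code from libmhash, libgcrypt or gsti: a sketch of the HMAC-based secret expansion discussed in the thread, assuming "the standard" is TLS 1.0 (RFC 2246). The function names and all sample inputs are constructed for illustration.

```python
import hashlib
import hmac


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """RFC 2246 P_hash: chain HMAC calls to stretch `secret` to `length` bytes."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """RFC 2246 PRF: P_MD5(S1, label+seed) XOR P_SHA1(S2, label+seed)."""
    # S1 and S2 are the two halves of the secret; with an odd length the
    # middle byte is shared by both halves.
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_part = p_hash("md5", s1, label + seed, length)
    sha_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))


def derive_keys(premaster: bytes, client_random: bytes, server_random: bytes):
    """Expand a premaster secret into a master secret and a key block."""
    master = tls10_prf(premaster, b"master secret",
                       client_random + server_random, 48)
    # 3DES-EDE-CBC with SHA-1 needs 2*20 MAC + 2*24 key + 2*8 IV = 104 bytes.
    key_block = tls10_prf(master, b"key expansion",
                          server_random + client_random, 104)
    return master, key_block


if __name__ == "__main__":
    # Constructed inputs; in a real handshake the premaster secret and both
    # randoms come from a CSPRNG. The expansion itself is deterministic.
    master, key_block = derive_keys(bytes(range(48)), b"\x01" * 32, b"\x02" * 32)
    print(master.hex())
    print(key_block.hex())
```

The unpredictability of the derived keys comes entirely from the inputs: both peers run the same deterministic expansion and arrive at the same key block.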
