On Wed, May 15, 2013 at 8:26 AM, Viktor Dukhovni <openssl-us...@dukhovni.org > wrote:
OpenSSL cipherlists are not for novices. > > Like everything else about an old API that grew organically, it has too much surface area. It's unreasonable to rely on expert performance to prevent errors - it should be hard to make mistakes when the consequences are great. That's a reliable principle of good design. - M