On 8/15/2014 10:10 PM, Jeffrey Walton wrote:
On Sat, Aug 16, 2014 at 12:08 AM,shath...@e-z.net wrote:
...
Even today with Unicode character set families, the ability to provide
a global case-independent mapping becomes a massive problem. There are
a variety of latin-like alphabets and greek
Does ANYONE think that case-sensitive cipher names are good idea?
Someone who types TLSV1:RC4-MD5 will find things working, but is likely to be
surprised by how weakly-protected they are.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM:
Hello
On 15.08.2014 17:43, Salz, Rich wrote:
Does ANYONE think that case-sensitive cipher names are good idea?
this is a bad idea; or can you explain the difference between
tlsv1:rc4-md5 and TLSV1:RC4-MD5?
Someone who types TLSV1:RC4-MD5 will find things working, but is
likely to be
On Fri, Aug 15, 2014 at 11:43:51AM -0400, Salz, Rich wrote:
Does ANYONE think that case-sensitive cipher names are good idea?
Someone who types TLSV1:RC4-MD5 will find things working, but is
likely to be surprised by how weakly-protected they are.
The case makes some things more clear:
The case makes some things more clear:
I never said it didn't.
There are lots of other ways to typo the input string.
Yup, but saying TLSV1 won't work while TLSv1 does work is silly.
Perhaps there are currently no collisions, and case folding is likely safe,
but I
don't really see much
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Salz, Rich
Sent: Friday, 15 August, 2014 14:36
To: openssl-users@openssl.org
Subject: RE: Case-sensitive cipher names are a bad idea
The case makes some things more clear
Well, one problem is that strcasecmp is not in the Standard C Library, and
in
fact is illegal, because external identifiers beginning with str are
reserved to
the implementation.
Openssl already handles that, thanks.
That said, I agree that case-insensitive comparison would be a good
Does ANYONE think that case-sensitive cipher names are good idea?
Someone who types TLSV1:RC4-MD5 will find things working, but is likely to
be surprised by how weakly-protected they are.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM:
On Sat, Aug 16, 2014 at 12:08 AM, shath...@e-z.net wrote:
...
Even today with Unicode character set families, the ability to provide
a global case-independent mapping becomes a massive problem. There are
a variety of latin-like alphabets and greek alphabets, and even
IBM EBCDIC encodings