Date: Mon, 18 Aug 2025 22:01:46 +0100 From: Lexi Winter <ivy@freebsd.org> To: Vadim Goncharov <vadimnuclight@gmail.com> Cc: John Baldwin <jhb@freebsd.org>, Konstantin Belousov <kostikbel@gmail.com>, arch@freebsd.org Subject: Re: ABI guarantees Message-ID: <aKOUuh-s-qSrlHUb@amaryllis.le-fay.org> In-Reply-To: <20250818235420.0d245ef1@nuclight.lan> References: <aJ7S2OeO7Sj2bw8b@kib.kiev.ua> <2fce0bfb-9ce7-40ce-8a27-f0103f531ca0@FreeBSD.org> <20250818235420.0d245ef1@nuclight.lan>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Vadim Goncharov: > Don't know about IPsec but deleting blowfish was surely a mistake - it is > not broken and could be used e.g. in IoT where space constraints matter, for > those who know what they are doing. Blowfish (along with 3DES) was broken by Sweet32. it might still be secure with certain specific constraints (like regular key rotation) but i don't think it's wrong to err on the side of not shipping known broken cyphers. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- iHQEABYKAB0WIQSyjTg96lp3RifySyn1nT63mIK/YAUCaKOUtgAKCRD1nT63mIK/ YPaxAQCOZ63ME9R75i0c5Mwc3qCQYkIaoD/uHVXlGsc67+xiWQD1FwFqhACS1HN2 RF0RI88edK649VFoiA2NN1K4CWxMAw== =C33M -----END PGP SIGNATURE-----help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?aKOUuh-s-qSrlHUb>