On Thu, Apr 16, 2009 at 10:20:46AM -0400, Jeffrey Hutzelman wrote:
--On Thursday, April 16, 2009 09:04:35 AM -0500 Nicolas Williams
<Nicolas.Williams%sun.com@localhost> wrote:
> This is a separate issue. Remove AEAD and you don't interop. Add AEAD
> with my rule and you still don't interop. To improve the situation we
> need to twist the KEXINIT abstraction a bit more (no objections from
> me): IF a non-AEAD cipher is chosen AND there was no common MAC AND
> there was a common AEAD cipher THEN re-compute the cipher selection
> ignoring all non-AEAD ciphers.
Ugh. This is starting to get complicated.
No, it's not. I'm perfectly happy to have the problem that Niels
pointed out.