You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Sec. 18.5.2: the algorithm list includes AES-CBC but not AES-GCM. We think it is time to make the switch, or at least to add GCM as mandatory to implement. Given the audience of this API, the advantage of GCM is that it can be used securely by mere mortals who do not understand the subtleties of integrity protection.
The text was updated successfully, but these errors were encountered:
Understood. I made these comments during the voting process in December, and was told to post them publicly now, for review when the next version comes along.
Sec. 18.5.2: the algorithm list includes AES-CBC but not AES-GCM. We think it is time to make the switch, or at least to add GCM as mandatory to implement. Given the audience of this API, the advantage of GCM is that it can be used securely by mere mortals who do not understand the subtleties of integrity protection.
The text was updated successfully, but these errors were encountered: