On Thu, Jul 10, 2014 at 7:41 PM, Brian Smith <br...@briansmith.org> wrote:
> As you probably know, Google Chrome already ships some ChaCha20-Poly1305 > cipher suites. They have a patch that they apply on top of NSS to implement > them. I recently asked a couple of our friends on the Chrome team about > contributing that patch to NSS proper. Apparently, the implementation of > those cipher suites diverges from the current or some expected future draft > of the IETF specification. Consequently, it isn't clear that it is a good > idea to drop that patch into NSS as-is. And, if we modify the patch to > match the current/future IETF documents then Firefox wouldn't be able to > interoperate with *.google.com using ChaCha20-Poly1305. The current IETF draft even has the magic numbers already assigned and no longer in the "TBD" state, which makes it look pretty close to final. How does the IETF spec diverge from Chrome? Why does it diverge? Is it serious (as in: does agl think the spec should indeed change despite having participated in shipping an implementation?) or bikeshedding (as in: is it about the IETF group making its mark?)? Does the implementation (reportebly) in LibreSSL interoperate with the one in Chrome? -- Henri Sivonen hsivo...@hsivonen.fi https://hsivonen.fi/ -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
