Hacker News

lxgr yesterday at 12:25 PM

> No other reason than because we can!

Then maybe your scientists should spend some time to stop and consider whether they should ;)

But seriously, I'd just limit this to one option on the selection side, even if you continue supporting more than that at the protocol level for cryptographic agility.


Replies

fc417fc802 yesterday at 6:46 PM

I don't see the issue. "Anything that openssl actively supports" plus providing a default seems like an extremely reasonable stance to take.

Bender yesterday at 2:04 PM

I would rather avoid cipher fixation. Give me thousands of protocol / cipher / mac / mode combinations. Fixation only benefits nations wanting to crack something.
