Learn about Centmin Mod LEMP Stack today
Register Now

OpenSSL OpenSSL 1.1.1 - draft / old CHACHA20-POLY1305

Discussion in 'CentOS, Redhat & Oracle Linux News' started by bassie, Oct 6, 2018.

Tags:
  1. bassie

    bassie Active Member

    970
    230
    43
    Apr 29, 2016
    Ratings:
    +688
    Local Time:
    7:35 AM
    Found this patch on the internet.
    To enable the draft / old CHACHA20-POLY1305 on OpenSSL 1.1.1.
    Perhaps interesting for OpenSSL users.

    hakasenyang/openssl-patch
     
    • Informative Informative x 1
  2. eva2000

    eva2000 Administrator Staff Member

    36,333
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:35 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    Yeah seen that patch but not sure how useful it is as clients/browsers should have moved to final chacha20 version and not drafts ?
     
  3. bassie

    bassie Active Member

    970
    230
    43
    Apr 29, 2016
    Ratings:
    +688
    Local Time:
    7:35 AM
    51.5% of all Android users, uses an old version of the Android OS which is not compatible with new Chacha.
    The most used Android system is version 6 which is again old Chacha.

    It seems obvious to me that this is the reason that Cloudflare is still implementing old Chacha.

    The patch (although not formally tested by me) seems still very usable for website owners with a lot of old Android.
     
    • Informative Informative x 1
  4. eva2000

    eva2000 Administrator Staff Member

    36,333
    7,979
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,287
    Local Time:
    3:35 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    sweet good to know :D
     
..