Remove non-IETF [x]chacha20poly1305 constructions #462
Comments
|
At the very least, I think it would be nice if everyone defining an "XChaCha20Poly1305" based the construction on the IETF version, so we don't have to worry about two variants of that. |
|
The non-IETF versions are not going to be removed or renamed. It would be a breaking change, breaking existing applications, so this is not going to happen before a major revision. But yes, other libraries implementing XChaCha20Poly1305 (now based on the IETF version) would be neat. |
This was referenced Jan 13, 2017
Repository owner
locked and limited conversation to collaborators
Aug 28, 2019
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Merging #461 was a step in the right direction, since it clearly defines the xchapoly functions in terms of the other constructions.
But really we should remove non-IETF [x]chacha20poly1305 constructions.
The padding they add could be an important security feature. More importantly, every place else implements the IETF version, so keeping two around hampers interop. A the very least, you could prevent new code from linking against those functions while still maintaining binary compatibility with old code. Alternatively, promote the IETF versions to not have the _ietf part of the name, and demote the non-IETF versions to have _nonietf part of the name.
Or some other good solution. But let's get thinking about interop.
The text was updated successfully, but these errors were encountered: