Support client preferred cipher order #418
Comments
|
We can have an option for this but I'm not sure this is so useful. |
|
I'm not sure how that makes it not so useful. |
|
The recommendation implicitly assumes the server is more likely to have hardware acceleration. But it's not necessarily true, the build mechanisms do not do a great job at auto-enabling what the platform can provide. As of now for example optimized GCM is hidden behind a cabal flag and AESNI is not available on Windows. |
|
In general, servers don't care that much about power consumption, and have a lot of beefy CPUs. Clients can be phones, smart watches, or IoT devices, though, which have much tighter power requirements (due to battery drain) and less spare CPU. Because of this, if the client doesn't have AES acceleration (even if the server does), I'd prefer that it get to use ChaCha20. |
|
OK, a PR is welcome if there are end users impacted by this. |
Currently,
onCipherChoosingonly receives ciphers in the server's preferred order, making it impossible to support client preferred cipher order (as Apache does viaSSLHonorCipherOrder off). Mozilla's TLS guidelines recommend that client-preferred ciphers be used when no weak ciphers are present, so we should add an option to do this.The text was updated successfully, but these errors were encountered: