Review of AEAD Encryption API Project; concluding December 5, 2008
Nicolas Williams
Nicolas.Williams at sun.com
Mon Dec 1 15:41:26 EST 2008
On Mon, Dec 01, 2008 at 02:05:40PM -0600, Nicolas Williams wrote:
> > Nicolas> I understand that, but please don't paint yourselves into
> > Nicolas> a corner on this.
> >
> > I think expanding the API in the future would be easy from an
> > interface standpoint. I think that the current behavior is to return
> > an error if you pass in multiple stream buffers, so you can tell which
> > API you have.
>
> Make sure the same applies to the GSS-API extensions.
One thing that seems potentially important would be to communicate to
the application what alignment is preferred. Splitting encryption or
decryption of a block of data across two chunks is likely to cause
performance problems (think of crypto HW).
Nico
--
More information about the krbdev
mailing list