[Cryptography] IPsec DH parameters, other flaws

Salz, Rich rsalz at akamai.com
Mon Nov 23 10:21:48 EST 2020


>    Are they interoperable, dare one ask?

Highly.  Interop tests are done as part of CI/CD.  See https://interop.seemann.io/ for some details.  And https://github.com/quicwg/base-drafts/wiki/Implementations for info about the implementations.

There are some that  use the Google QUIC codebase; they also use Google's boringSSL fork for the cryptography.  There is a work-in-progress PR to implement the QUIC changes into OpenSSL, https://github.com/openssl/openssl/pull/8797  My employer maintains it and will be putting this into production at some point.



More information about the cryptography mailing list