Hacker News new | past | comments | ask | show | jobs | submit login

I don't understand why a sober assessment of people's SSL implementations should account for stuff like this.

There are two options: enable the only modern native stream cipher available for TLS, and with it the only polynomial MAC that doesn't require hardware support (and thus the best polynomial MAC available for mobile devices), or don't.

The former option is superior to the latter option. The latter option is easier, but: nobody said engineering was supposed to be easy.

Either SSL Labs is evaluating the quality of TLS implementations, or they're evaluating something else. Arguments like the ones I see on this thread suggest it's "something else".

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact