Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.427 (Entity 5.427) Subject: openssl k5crypto back end should not require openssl-1.0 X-RT-Original-Encoding: iso-8859-1 Content-Length: 306 Currently, the OpenSSL k5crypto back end requires the use of openssl-1.0, because earlier releases did not support CTS mode. For portability reasons (and minor performance improvement in the IOV case), we should implement CTS mode using CBC mode interfaces that already exist in older OpenSSL releases.