Hide Forgot
The CHACHA20-POLY1305 algorithm is specified in rfc7539, and is being adopted by TLS 1.3 and IPSec (rfc7634). It is becoming the de-facto backup algorithm of AES-GCM (implemented in all major browsers), and is being included into all major crypto libraries. We should include chacha20-poly1305 in RHEL7 when possible.
chacha20-poly1305 is not present in openssl 1.0.2 branch. Rebasing to 1.1.0 is impossible and that means the chacha20-poly1305 support would have to be backported. It would be severally non-trivial and I do not think this is feasible for 7.4. We might consider the backport for future RHEL-7 update if there is strong customer demand.
The chachapoly support is not going to be included in openssl-1.0.2
Development Management has reviewed and declined this request. You may appeal this decision by reopening this request.