It doesn't seem intuitive to me that Aes is a stateless object. You can create an instance of it with a BlockMode, which seems to imply to me that several encrypt/decrypt of the same data would produce different results each time.

If Aes is going to remain stateless, it would be nice to be explicity about this in the docs.

Preface: I am not an expert in encryption, so sorry for any inaccuracies with how I am describing the issue here.

In the documentation, it states:

// Note: CBC and ECB modes use PKCS#7 padding as default

Is it possible to configure what padding is used? I am working with a system where they are not expecting padding. Is that something that even makes sense/is possible?

it got updated to use only use TLS 1.3, but currently mozilla-modern.badssl.com only use tls 1.2 so it clearly not set to current version of 'modern' configuration. so it need to updated.
actually, it looks like pushed though a level down ( old modern-> intermediate, old intermediate -> now old )
https://wiki.mozilla.org/Security/Server_Side_TLS#Modern_compatibility

Related to a suggestion for better cryptographic timestamping of Git repos & other things, git-evtag was proposed as a solution to the weak SHA-1 hashes Git uses. I wanted to try it out to see whether it could be easily used with the timestamping as a post-commit hook, but I can't

By the trick to link with the C stub or the pure OCaml implementation, ocamlbuild can not make a documentation.