On 09/27/2013 05:30 AM, james hughes wrote:
> The thing that this list can effect is the creation of standards with > a valuable respect for Moore's law and increases of mathematical > understanding. Stated differently, "just enough security" is the > problem. This past attitude did not respect the very probably future > that became a reality. I think there probably are some fair criticisms that we were a bit complacent after the clipper and export stuff seemed to be sorted out and the whole NIST/NSA thing with the AES and SHA-3 competitions seemed to be ticking over nicely. > Are we going to continue this behavior? IMHO, based on what I have > been seeing on the TLS list, probably. That's more than a bit silly though IMO. The sensible approach here is to a) see what's the best we can do now with deployed code given that we know it takes years to get anything near everything updated, but also b) figure out what do we want to do, knowing that it'll take years for deployment to happen no matter how small a change we make. a) is Yaron's BCP draft b) is TLS1.3 (hopefully) and maybe some extensions for earlier versions of TLS as well Arguing for (b) only, and that we ignore (a) would be dumb. For (a), we are entirely constrained in what we can do, basically, the only thing we can do is say how to better configure already deployed code. S. > > Jim > > > > > _______________________________________________ The cryptography > mailing list cryptography@metzdowd.com > http://www.metzdowd.com/mailman/listinfo/cryptography > _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography