On Thu, 1 May 2014 14:29:44 +0200 Kurt Roeckx <k...@roeckx.be> wrote:
> On Thu, May 01, 2014 at 01:35:19PM +0200, Hanno Böck wrote: > > > > Maybe this should teach us a lesson: Adding more and more > > Workarounds for broken stuff isn't the way to go forward. The way > > to go forward is to fix broken stuff. > > The problem isn't always to fix the broken stuff but ussually to get > people to upgrade to the fixed version. People are scared of > changes. I'm well aware of that, but I think there is another option. If browsers (or other kind of tls using software) would display a warning "your stuff is broken, it will no longer work with our next version if you don't install updates on your whatever hw, tell your admin NOW", I'm pretty sure those people would update their stuff. Certainly better than inventing yet another "workaround for broken stuff"-tls-extensions (because we all should know by now: too many tls extensions make the protocol too complex and can hurt). -- Hanno Böck http://hboeck.de/ mail/jabber: ha...@hboeck.de GPG: BBB51E42
signature.asc
Description: PGP signature