On 10/26/13 11:24 AM, Jacob Appelbaum wrote:
> Defense in depth. If the StartTLS server uses RC4, for example, I'd want
> a different layer for actual protection.
>

Let's be careful about that argument. Defense in depth should actually add real depth. Otherwise it's just extra work to send a message. If you suggest a new mechanism just to get rid of a bad algorithm, whatever you replace it with will likely someday be found to have a bad algorithm as well. To what depths shall we sink, then?

Eliot
_______________________________________________
perpass mailing list
perpass@ietf.org
https://www.ietf.org/mailman/listinfo/perpass