We can force a rotate of all certs in 90 days, and I don't think most people will notice.
On Fri, Dec 15, 2017 at 10:07 AM, Eric Rescorla <e...@rtfm.com> wrote: > I'm not quite following how this helps. It's true that if SHA-256 is broken, > we're in serious trouble, but that's largely because of the fact that that's > what people's certificates have, so clients really can't refuse to support > SHA-256 certificates. So, how does adding new algorithms help? (That's why I > would argue that the existing SHA-384 support doesn't help). > > -Ekr > > > On Fri, Dec 15, 2017 at 9:46 AM, Ilari Liusvaara <ilariliusva...@welho.com> > wrote: >> >> On Fri, Dec 15, 2017 at 02:57:33PM +0000, Andrei Popov wrote: >> > From: TLS [mailto:tls-boun...@ietf.org] On Behalf Of Ilari Liusvaara >> > > Even nastier dependency: SHA-2. If that breaks, currently both TLS >> > > 1.2 and 1.3 break. There are no alternatives defined. >> > >> > Here's an attempt to define a SHA-2 alternative: >> > https://tools.ietf.org/html/draft-wconner-blake2sigs-01 >> >> Also would need TLS ciphersuite codepoints with alternative handshake >> hash algorithms. >> >> >> -Ilari >> >> _______________________________________________ >> TLS mailing list >> TLS@ietf.org >> https://www.ietf.org/mailman/listinfo/tls > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > -- "Man is born free, but everywhere he is in chains". --Rousseau. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
