[Ach] on algorithmic agility

Adi Kriegisch adi at kriegisch.at
Mon Dec 2 22:32:34 CET 2013


> I do not recommend algorithmic agility.  It rarely if ever has led to  
> some sort of benefit out in userland, and it sets you up for disasters  
> of compatibility later on.
> http://iang.org/ssl/h1_the_one_true_cipher_suite.html
> If you stick to AES128 and AES256 then there is no reason to believe  
> there will be a problem.  It's not a popularity contest.
We had a short discussion about this topic in today's meeting and came to
the conclusion that we want to suggest the usage of different ciphers:
at least AES and CAMELLIA at the moment (128 and 256bit).

-- Adi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 827 bytes
Desc: Digital signature
URL: <http://lists.cert.at/pipermail/ach/attachments/20131202/6bf1612e/attachment.sig>

More information about the Ach mailing list