[Ach] meta-question on algorithm agility
lynx at luchs.at
Mon May 5 13:35:33 CEST 2014
On May 05, 2014 at 1229 +0100, ianG appeared and said:
> On 5/05/2014 11:48 am, René Pfeiffer wrote:
> > On May 05, 2014 at 1132 +0200, Hanno Böck appeared and said:
> >> On Fri, 02 May 2014 23:20:11 +0100
> >> ianG <iang at iang.org> wrote:
> >>> Imagine that algorithm agility was banned. No more choice! How much
> >>> resource would this free up?
> >> …
> >> Now I wonder: How would such a transition work without algorithm
> >> agility? I'm aware that algorithm agility doesn't work extremely well
> >> for the transition, but it works at least somewhat. We can e.g. probably
> >> at some point in the near future deprecate most of RC4 and SSL3 use.…
> > I agree. TLS isn't the only protocol where client/server choices leave room
> > for ambiguity. While HTTP 1.1 is getting pretty old, but HTTP client still
> > support HTTP 1.0. The transition would certainly be quicker, but even
> > modern search engine robots still opt for HTTP 1.0 given a choice. Few
> > people recompile their browsers to exclude HTTP 1.0 (and I don't think this
> > is controlled by a simple symbol definition).
> HTTP 1.0 isn't dangerous. It just lacks features for a liver web.
It was just an example of protocol tolerance (maybe a bad one), you will
find sufficient protocols/configs that affect security too. If it works,
people tend to use it no matter what the security is (see you local app
store for sleepless nights).
)\._.,--....,'``. fL Let GNU/Linux work for you while you take a nap.
/, _.. \ _\ (`._ ,. R. Pfeiffer <lynx at luchs.at> + http://web.luchs.at/
`._.-(,_..'--(,_..'`-.;.' - System administration + Consulting + Teaching -
Got mail delivery problems? http://web.luchs.at/information/blockedmail.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 230 bytes
Desc: not available
More information about the Ach