[Ach] meta-question on algorithm agility
René Pfeiffer
lynx at luchs.at
Sat May 3 14:29:12 CEST 2014
On May 02, 2014 at 2320 +0100, ianG appeared and said:
> Question for the assembled, on the experiences of the group so far:
>
> What proportion of effort has been spent on the question of
> configuration strings that set the algorithm possibilities? E.g., the
> famous OpenSSL blah:blah:blah string.
> …
> Imagine that algorithm agility was banned. No more choice! How much
> resource would this free up?
I am not sure if this is buying you anything. You could reduce all choices
and reduce the whole IT landscape to a couple of building blocks with no
choices. This frees up a lot of resources until this infrastructure suffers
from a critical bug.
Besides you have to look for other choices anyway since algorithms age. AES
may be around for a while and your Best Choice™ right now, but people still
invent new algorithms. I don't think this is a waste of resources.
Best,
René.
--
)\._.,--....,'``. fL Let GNU/Linux work for you while you take a nap.
/, _.. \ _\ (`._ ,. R. Pfeiffer <lynx at luchs.at> + http://web.luchs.at/
`._.-(,_..'--(,_..'`-.;.' - System administration + Consulting + Teaching -
Got mail delivery problems? http://web.luchs.at/information/blockedmail.php
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 213 bytes
Desc: not available
URL: <http://lists.cert.at/pipermail/ach/attachments/20140503/f1d6b407/attachment.sig>
More information about the Ach
mailing list