On Sat, Oct 05, 2013 at 02:29:11PM +0200, Natanael wrote: > Should we create some kind of CRL style protocol for algorithms? Then we'd > have a bunch of servers run by various organizations specialized on > crypto/computer security that can issue warnings against unsecure > algorithms, as well as cipher modes and combinations of ciphers and > whatever else it might be. And your client software would "subscribe" to a > bunch of those servers.
Just make sure you sign your protocol revocation message using more than one protocol... Speaking of as a last ditch measure you can two messages that hash to the same digest as a type of revocation message. -- 'peter'[:-1]@petertodd.org
signature.asc
Description: Digital signature
_______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography