I believe this plan would have poor side effects. For example, if Apple
ships clients with a broken ECDSA implementation , a server cannot
detect detect if a connecting client is an Apple product and avoid the use
of ECDSA in that subset of connections. Instead, ECDSA suddenly becomes
unsafe for anyone to use anywhere.
On Thu, Aug 8, 2013 at 10:30 PM, Brian Smith <br...@briansmith.org> wrote:
> Please see https://briansmith.org/browser-ciphersuites-01.html
> First, this is a proposal to change the set of sequence of ciphersuites
> that Firefox offers. Secondly, this is an invitation for other browser
> makers to adopt the same sequence of ciphersuites to maximize
> interoperability, to minimize fingerprinting, and ultimately to make
> server-side software developers and system administrators' jobs easier.
> Suggestions for improvements are encouraged.
> Mozilla Networking/Crypto/Security (Necko/NSS/PSM)
> dev-tech-crypto mailing list
dev-tech-crypto mailing list