> Another way to put this: We have to look VERY VERY FAR into the future
> when we design this thing. Your thoughts, ...
>
> (I'm sure there's something I don't understand in all this, being very new
> to it, so please correct me. And of *course* I don't know whether this is
> actually feasible:)

The problems with negotiable ciphers are twofold:

1) It adds complexity to the code that isn't necessary.
2) If there are three ciphers negotiable, and two of them are good, you're
   allowing one cipher that's bad to be 'ok' for use, which you don't want to do.

The question of what to do when a cipher is broken is also quite simple:
Upgrade your server. By not having negotiation, you ensure that nearly
everyone upgrades, because if they do not do so, they cannot participate in
the network. In this case, the simpler option (no negotiation) also turns out
to be the best one.
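Added example, not part of the original message and not Freenet code: a small simulation of the trade-off argued above, comparing which cipher each link ends up with under negotiation and under one fixed cipher per protocol version. The node names, cipher names and version numbers are constructed, and it assumes upgraded nodes still accept the broken cipher when negotiation is allowed.

```python
from itertools import combinations

# Constructed names: "cipher-c" stands in for a cipher that has since been broken.
PREFERENCE = ["cipher-a", "cipher-b", "cipher-c"]    # best first
BROKEN = {"cipher-c"}
VERSION_CIPHER = {1: "cipher-c", 2: "cipher-a"}      # exactly one cipher per version

# Constructed network: two upgraded nodes and one that never upgraded.
NODES = {
    "up1":    {"version": 2, "ciphers": {"cipher-a", "cipher-b", "cipher-c"}},
    "up2":    {"version": 2, "ciphers": {"cipher-a", "cipher-b", "cipher-c"}},
    "legacy": {"version": 1, "ciphers": {"cipher-c"}},
}

def negotiate(a, b):
    """Negotiated handshake: the most-preferred cipher both sides support."""
    common = a["ciphers"] & b["ciphers"]
    return next((c for c in PREFERENCE if c in common), None)

def fixed(a, b):
    """No negotiation: peers on different versions cannot talk at all."""
    if a["version"] != b["version"]:
        return None
    return VERSION_CIPHER[a["version"]]

def links(nodes, handshake):
    """Cipher chosen for every pair of nodes (None means no connection)."""
    return {(x, y): handshake(nodes[x], nodes[y])
            for x, y in combinations(sorted(nodes), 2)}

def broken_links(result):
    """Pairs whose traffic is protected only by a broken cipher."""
    return sorted(pair for pair, cipher in result.items() if cipher in BROKEN)

if __name__ == "__main__":
    for name, handshake in (("negotiated", negotiate), ("fixed", fixed)):
        result = links(NODES, handshake)
        print(name, result, "broken:", broken_links(result))
```

With negotiation, the node that never upgraded stays connected and both of its links run on the broken cipher; with a fixed cipher per version it is cut off until it upgrades.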
