On 20190127 at 01:34 +0000 unman wrote: > I would rule some things out. And in this case it looks like a simple > mistake.
It could even be intention. Most of you do not think about the cost associated with TLS (and growing with key lengths). But there always were (and will be) discussions whether offering a certain service (especially free of charge) will be worth it considering the attached cost. We're lucky that technology stepped up a bit (I remember doing performance analysis when SSL was pushed into the market by Netscape and found out that it cost about an eightfold increase in CPU resources); you might want to read https://blog.cloudflare.com/how-expensive-is-crypto-anyway/ to get a more recent look at things. But with Quantum computers just around the corner there will be a new arms race current CPUs are not prepared for. And keep in mind that only protecting "important targets" is stupid; if you do not encrypt everything you are attaching target markers to your secrets. Crypto is added cost and designers will always try to find a balance between cost and security... Achim -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6e557736131daa986892765e94eac2a6d25b9dec.camel%40noses.com. For more options, visit https://groups.google.com/d/optout.