On Fri, Oct 4, 2013 at 11:48 PM, Jeffrey Goldberg wrote:
> On 2013-10-04, at 10:46 PM, Patrick Pelletier
> wrote:
>> On 10/4/13 3:19 PM, Nico Williams wrote:
>>
>>> b) algorithm agility is useless if you don't have algorithms to choose
>>> from, or if the ones you have are all in the same "famil
On 10/4/13 9:48 PM, Jeffrey Goldberg wrote:
The AES “failure” in TLS is a CBC padding failure. Any block cipher would have
“failed” in exactly the same way.
Yes, I know. My second point, about needing a stream cipher other than
RC4, is what's applicable to the current "BEAST vs RC4" dilemma
On 2013-10-04, at 10:46 PM, Patrick Pelletier wrote:
> On 10/4/13 3:19 PM, Nico Williams wrote:
>
>> b) algorithm agility is useless if you don't have algorithms to choose
>> from, or if the ones you have are all in the same "family".
>
> Yes, I think that's where TLS failed. TLS supports four
On 10/4/13 3:19 PM, Nico Williams wrote:
b) algorithm agility is useless if you don't have algorithms to choose
from, or if the ones you have are all in the same "family".
Yes, I think that's where TLS failed. TLS supports four block ciphers
with a 128-bit block size (AES, Camellia, SEED, an