Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread ianG
On 7/01/14 04:34 AM, Peter Gutmann wrote: give users a choice: a generic safe config (disable null, export ciphers, short keys, known-weak, etc), a maximum-interoperability config (3DES and others), and a super-paranoid config (AES-GCM-256, Curve25519, etc), with warnings that that's going to

Re: [cryptography] NSA co-chair claimed sabotage on CFRG list/group (was Re: ECC patent FUD revisited

2014-01-07 Thread ianG
I think, like James, I see the sacrificial lamb approach. There is benefit in watching what they are up to. If a measurable push comes out of the IAB's CFRG, then this is a clear signal to avoid that like the plague. Pushing ECC patents. Pushing NIST curves. Clear signals! Without those

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread L. Aaron Kaplan
On Jan 7, 2014, at 2:34 AM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: L. Aaron Kaplan kap...@cert.at writes: As a general observation, it also promotes the thinking that all we need to do is choose magic algorithm A instead of magic algorithm B and everything is fixed. No, if we

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread L. Aaron Kaplan
On Jan 7, 2014, at 11:24 AM, stef s...@ctrlc.hu wrote: On Tue, Jan 07, 2014 at 11:18:45AM +0100, L. Aaron Kaplan wrote: 1. We will have three config options: cipher String A,B,C ( generic safe config, maximum interoperability (== this also makes the mozilla people happy then) and finally

[cryptography] another Certicom patent

2014-01-07 Thread D. J. Bernstein
Dan Brown writes, on the semi-moderated c...@irtf.org list: I agree with your multiple PK algs suggestion, for parties who can afford it. What about sym key algs? Maybe too costly for now? By the way, this kind of idea goes back at least as far as 1999 from Johnson and Vanstone under the name

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread ianG
On 7/01/14 13:18 PM, L. Aaron Kaplan wrote: None of this is perfect yet of course. One of the very productive feedback results was that we should make a HTML version. A wiki... I would say. 1. We will have three config options: cipher String A,B,C ( generic safe config, maximum

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread stef
On Tue, Jan 07, 2014 at 11:39:42AM +0100, L. Aaron Kaplan wrote: On Jan 7, 2014, at 11:24 AM, stef s...@ctrlc.hu wrote: On Tue, Jan 07, 2014 at 11:18:45AM +0100, L. Aaron Kaplan wrote: 1. We will have three config options: cipher String A,B,C ( generic safe config, maximum

Re: [cryptography] [Ach] Better Crypto

2014-01-07 Thread Aaron Zauner
Hi, * Axel Hübl wrote: I could not agree more. Crazy C gets totally against the scope of this document: providing _reliable_ crypto. If someone reads that document and goes for see, they still list it as compatible, provide it! the document lost its main point. I agree too. Sorry. But

[cryptography] NSA, FBI creep rule of law, democracy itself (Re: To Protect and Infect Slides)

2014-01-07 Thread Adam Back
This is indeed an interesting and scary question: On Sun, Jan 05, 2014 at 08:31:42PM +0300, ianG wrote: What is a game changer is the relationship between the NSA and the other USA civilian agencies. The breach of the civil/military line is the one thing that has sent the fear level rocketing

Re: [cryptography] NSA, FBI creep rule of law, democracy itself (Re: To Protect and Infect Slides)

2014-01-07 Thread Jeffrey Walton
(Sorry to top post - I want to cherry pick one point). What is a game changer is the relationship between the NSA and the other USA civilian agencies. The breach of the civil/military line is the one thing that has sent the fear level rocketing sky high, Information sharing among agencies