You know part of this problem is the inability to disable dud ciphersuites.
Maybe its time to get pre-emptive on that issue: pair a protocol revocation
cert with a new ciphersuite.
I am reminded of mondex security model: it was a offline respendable
smart-card based ecash system in the UK, with
Should we create some kind of CRL style protocol for algorithms? Then we'd
have a bunch of servers run by various organizations specialized on
crypto/computer security that can issue warnings against unsecure
algorithms, as well as cipher modes and combinations of ciphers and
whatever else it
On Sat, Oct 05, 2013 at 02:29:11PM +0200, Natanael wrote:
Should we create some kind of CRL style protocol for algorithms? Then we'd
have a bunch of servers run by various organizations specialized on
crypto/computer security that can issue warnings against unsecure
algorithms, as well as