OK, and? That's not the part I was replying to. The part I specifically replied to was:
I don't quite understand the hate for algorithm agility. Suppose we had > no algorithm agility, then what? We'd occasionally have to retire > entire protocols and switch to new ones that differ mainly only as to > algorithms, easy, right? But wait! we'd have to support negotiation and > deal with downgrade attacks, so it'd be back to algorithm agility, only > with extra steps. No thanks. I'm not interested in whatever Jan was talking about. You expressed curious ignorance towards a position, so I explained the position. On Tue, Jul 7, 2026 at 4:01 PM Nico Williams <[email protected]> wrote: > On Tue, Jul 07, 2026 at 03:29:11PM -0400, Soatok Dreamseeker wrote: > > Respectfully, when we're talking about "negotiation", I mean any > situation > > where anyone ever decides to use Algorithm A instead of Algorithm B in > any > > conceptual way. That definition is too broad to be useful. > > This sub-thread starts with: > > | On Tue, Jul 7, 2026 at 11:05 AM Jan Zerebecki <[email protected]> > wrote: > | > I think we should have learned from history of TLS and other protocols > | > that having multiple possible algorithms is a security problem. > >
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
