#78: algorithm agility discussion is inadequate
Comment (by [email protected]):

 Text supplied by Steve Kent, in case the current changes are not enough:

 " The term "algorithm agility" refers to mechanisms and procedures that enable use of different sets of algorithms within a protocol or system. It also often encompasses the transition from one set of cryptographic algorithms to another, in a fashion that avoids service disruption.

 All of the cryptographic algorithms defined for use with CT are represented as log metadata. None of these algorithms can be changed for an extant log. When a new log is created the log operator MUST specify all of the cryptographic algorithms as part of the metadata for that log. This metadata MUST be made available to all log clients. For TLS clients that are web browsers, CT relies on browser vendors to convey this metadata to the clients. For all other log clients, the means of disseminating log metadata is undefined.

 The set of cryptographic algorithms initially specified for CT (in RFC XXXX) will change over time. New, standard algorithms will be published as (standards track) RFCs. Log operators and clients will be required to support these algorithms (for new logs) during a time frame specified by these RFCs. "

-- 
--------------------------+-------------------------------
 Reporter:  [email protected]  |      Owner:  [email protected]
     Type:  defect        |     Status:  new
 Priority:  major         |  Milestone:  review
Component:  rfc6962-bis   |    Version:
 Severity:  -             | Resolution:
 Keywords:                |
--------------------------+-------------------------------

Ticket URL: <https://trac.tools.ietf.org/wg/trans/trac/ticket/78#comment:11>
trans <https://tools.ietf.org/trans/>

_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
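The model Kent describes, per-log algorithm sets fixed in log metadata and a transition done by standing up a new log rather than changing an existing one, is easy to get wrong on the client side. The following is an added example (not code from the ticket, the trans WG, or the rfc6962-bis draft) of how a client would pin a log's algorithms from its metadata and refuse to verify anything that does not match. The LogMetadata record shape, the LogRegistry, and the sample log entries are all constructed for illustration; only the Merkle Tree Hash construction (0x00 leaf prefix, 0x01 node prefix, split at the largest power of two less than n) is taken from RFC 6962. The signature algorithm is carried as an identifier and checked for consistency only; no key material or signature verification is constructed here.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class LogMetadata:
    """Constructed shape for the per-log metadata a client must obtain out of band.
    Every cryptographic algorithm the log uses is named here and never changes."""
    log_id: str
    hash_alg: str     # hashlib name, e.g. "sha256"; used for the Merkle tree
    sig_alg: str      # identifier only in this example, e.g. "ecdsa-p256-sha256"
    public_key: bytes # placeholder bytes; no signature is verified in this example


class LogRegistry:
    """Client-side store of log metadata. Hypothetical: for browsers the vendor
    ships this; for other clients the ticket text says the channel is undefined."""

    def __init__(self):
        self._logs = {}

    def register(self, meta: LogMetadata) -> None:
        # Algorithms of an extant log are immutable; a new algorithm set means a new log.
        if meta.log_id in self._logs:
            raise ValueError(f"log {meta.log_id!r} already registered; metadata is immutable")
        self._logs[meta.log_id] = meta

    def get(self, log_id: str) -> LogMetadata:
        # A client with no metadata for a log cannot verify anything it emits.
        if log_id not in self._logs:
            raise KeyError(f"no metadata for log {log_id!r}")
        return self._logs[log_id]


def leaf_hash(meta: LogMetadata, data: bytes) -> bytes:
    """RFC 6962 leaf hash: H(0x00 || data) with the log's pinned hash algorithm."""
    return hashlib.new(meta.hash_alg, b"\x00" + data).digest()


def node_hash(meta: LogMetadata, left: bytes, right: bytes) -> bytes:
    """RFC 6962 interior node hash: H(0x01 || left || right)."""
    return hashlib.new(meta.hash_alg, b"\x01" + left + right).digest()


def merkle_tree_hash(meta: LogMetadata, leaves: list) -> bytes:
    """RFC 6962 MTH over an ordered list of leaf inputs, using meta.hash_alg."""
    n = len(leaves)
    if n == 0:
        return hashlib.new(meta.hash_alg, b"").digest()
    if n == 1:
        return leaf_hash(meta, leaves[0])
    k = 1 << ((n - 1).bit_length() - 1)  # largest power of two strictly less than n
    return node_hash(meta, merkle_tree_hash(meta, leaves[:k]), merkle_tree_hash(meta, leaves[k:]))


def verify_tree_head(registry: LogRegistry, log_id: str, claimed_hash_alg: str,
                     claimed_sig_alg: str, claimed_root: bytes, leaves: list) -> bool:
    """Accept a tree head only if the algorithms it claims are exactly the ones
    pinned in the log's metadata and the root recomputes under those algorithms."""
    meta = registry.get(log_id)  # raises if the client has no metadata for this log
    if claimed_hash_alg != meta.hash_alg or claimed_sig_alg != meta.sig_alg:
        return False  # an algorithm change for an extant log is not allowed
    return merkle_tree_hash(meta, leaves) == claimed_root


# Constructed sample metadata: a first-generation log and its successor with a
# different hash algorithm, registered as two distinct logs.
LOG_A = LogMetadata("log-a", "sha256", "ecdsa-p256-sha256", b"\x04" + b"\x00" * 64)
LOG_B = LogMetadata("log-b", "sha512", "ecdsa-p384-sha384", b"\x04" + b"\x00" * 96)
SAMPLE_LEAVES = [b"cert-1", b"cert-2", b"cert-3"]  # constructed leaf inputs


def build_registry() -> LogRegistry:
    reg = LogRegistry()
    reg.register(LOG_A)
    reg.register(LOG_B)
    return reg


if __name__ == "__main__":
    reg = build_registry()
    root_a = merkle_tree_hash(LOG_A, SAMPLE_LEAVES)
    print("log-a root (sha256):", root_a.hex())
    print("accepted with pinned algs:",
          verify_tree_head(reg, "log-a", "sha256", "ecdsa-p256-sha256", root_a, SAMPLE_LEAVES))
    print("rejected when hash alg differs:",
          verify_tree_head(reg, "log-a", "sha512", "ecdsa-p256-sha256", root_a, SAMPLE_LEAVES))
    try:
        reg.register(LogMetadata("log-a", "sha512", "ecdsa-p384-sha384", b"\x04"))
    except ValueError as exc:
        print("metadata change refused:", exc)
```

The point of the example is the shape of the check, not the hash: the verifier takes the algorithm set from the metadata record it already trusts, never from the data being verified, and a "transition" is modelled as a second registry entry with a new log ID. If the metadata distribution channel is undefined for a class of clients, those clients have nothing to pin against and `registry.get` fails closed.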
