'Re: [TLS] Killing Algorithms'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ietf-tls
Subject:    Re: [TLS] Killing Algorithms
From:       Richard Moore <rich () kde ! org>
Date:       2015-04-03 23:54:37
Message-ID: CAMp7mVuECTsqwXCOPH15VTYtXfx7n93Kg2NmL0WiTmOS70GcZw () mail ! gmail ! com
[Download RAW message or body]

On 3 April 2015 at 22:01, Daniel Kahn Gillmor <dkg@fifthhorseman.net> wrote:

>   * not every implementation has a wall clock, or has it set right.
>     what happens to these machines?
>
>
This problem already exists since you need the time to validate the
certificate.

Overall though, I'm not in favour of having a set cut off date except
perhaps for ciphers we already know are weak, however since the idea is to
design a new version of TLS why would things that are known to be weak be
included in the first place?

Rich.


[Attachment #3 (text/html)]

<div dir="ltr"><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_extra"><br><div \
class="gmail_quote">On 3 April 2015 at 22:01, Daniel Kahn Gillmor <span \
dir="ltr">&lt;<a href="mailto:dkg@fifthhorseman.net" \
target="_blank">dkg@fifthhorseman.net</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div class="HOEnZb"><div class="h5"><span \
style="color:rgb(34,34,34)">  * not every implementation has a wall clock, or has it \
set right.</span><br></div></div>  what happens to these machines?<br>
<br></blockquote><div><br></div><div><div class="gmail_default" \
style="font-family:verdana,sans-serif">This problem already exists since you need the \
time to validate the certificate.</div></div></div><br></div><div \
class="gmail_extra"><div class="gmail_default" \
style="font-family:verdana,sans-serif">Overall though, I&#39;m not in favour of \
having a set cut off date except perhaps for ciphers we already know are weak, \
however since the idea is to design a new version of TLS why would things that are \
known to be weak be included in the first place?</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"><br></div><div class="gmail_default" \
style="font-family:verdana,sans-serif">Rich.</div><div class="gmail_default" \
style="font-family:verdana,sans-serif"></div><br></div></div>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic