My (totally informal) "vote" for next gen elliptic curves: 128-bit: Curve25519, 224-bit: Ed448-Goldilocks, 256-bit: E-521 /cc @WatsonLadd
@DLitz @WatsonLadd I don't see how that comment has anything to do with a conversation on curve selection
-
-
@DLitz@WatsonLadd so your alternative is one curve to rule them all and a single ciphersuite? What happens when something breaks? -
@bascule@WatsonLadd Re: "What happens when something breaks?" Worst-case, we upgrade, like we did with bash. Still better than status quo. -
@DLitz speaking as someone who deals with TLS termination for a major site, having failsafes in a shifting security landscape is essential -
@DLitz there is a definite need for something to shift to in the event of the discovery of major flaws anywhere in the cryptosystem -
@bascule It shouldn't wait for major flaws. BEAST never would have happened if we regularly upgraded entire protocols. -
@DLitz you're not really big on that whole "interoperability" thing, are you? -
@bascule Really, all any implementation needs today is: 1. This year's state-of-the-art; and 2. Last year's state-of-the-art. - 2 more replies
New conversation
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.