@bascule @WatsonLadd Maybe also drop the 224-bit security level?
@DLitz speaking as someone who deals with TLS termination for a major site, having failsafes in a shifting security landscape is essential
-
-
@DLitz there is a definite need for something to shift to in the event of the discovery of major flaws anywhere in the cryptosystem -
@bascule It shouldn't wait for major flaws. BEAST never would have happened if we regularly upgraded entire protocols. -
@DLitz you're not really big on that whole "interoperability" thing, are you? -
@bascule Really, all any implementation needs today is: 1. This year's state-of-the-art; and 2. Last year's state-of-the-art. -
@DLitz here in the real world, we’re forced to implement protocols created in the ‘80s, because they’re still used -
@bascule No 1980s protocol is secure. If you need to talk to 1980s software, tunnel it through a real secure channel.
End of conversation
New conversation -
-
-
@bascule Sure, but the failsafe is a sham if we've stretched our resources too thin such that most implementations have a bug somewhere. -
@DLitz I think cipher agility has been the solution to more problems than it's caused -
@bascule But what you mean by cipher agility. We need meaningful protocol agility. Once we have that, we get the same benefits for free.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.