.... unless some TLS servers would cut corners, and just want the fast benchmarks, and you know .... deploy TLS1.3 0-RTT without built-in SAFETY mechanisms. That would be INSANE, I mean, why risk bugs and side-channels, right?
No! An attacker can use a weak alg even if you don’t. As long as those algs are supported at all it’s not a subset problem, it’s an everything problem.
-
-
The weak algorithms are a red herring. Not having DNSSEC at all gives you 0-bit security, how strong is that??? A few domains with 512-bit keys have little to protect for now, and will soon have better keys. They put nobody else at risk. Most domains are just fine
-
Not having DNSSEC also gives you 0 DNSSEC related outages. My core point is that if it were just a harmless experiment, it'd be fine. Outages change it from a "HOLD" to a "SELL".
- 24 more replies
New conversation -
-
-
Interesting. For some reason I thought the alg-spec was part of the DS delegation records anchored in the next level of hierarchy up.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.