Is the prevailing opinion of cryptographers that "cryptographic agility" is a folly of developers?https://simplysecure.org/blog/developers-people-too …
Cryptographic Agility appears to increase complexity, complicate analysis, and involve users where a single cipher suite would do.
-
-
depends entirely on the time horizon you're building for
-
@bradarkin I saw some backlash about agility from djb. Preference was to deprecate the protocol over swap ciphers. - 3 more replies
New conversation -
-
-
Great writeup from
@agl__ on the hidden costs and pitfalls of cryptographic agility https://www.imperialviolet.org/2016/05/16/agility.html … -
concur, great points. OTOH, NSA CryptoMod program has been dealing with lack of agility in 1.3M legacy systems for 15+ yrs.
End of conversation
New conversation -
-
-
designing & impl code now with the understanding that today's smart algo choice will not forever be the right choice seems smart
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
but totally agree that smart defaults for dev consumers of APIs and avoiding presenting end users with any choice at all makes sense
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I first heard the phrase "crypto agility" in context of MSFT SDL. Goal was to avoid hard coding MD5 with no recourse to swap later
-
the real reasons are 1) be ready for advances in crypto (e.g. sunset sha1) 2) address local regulations (China, Russia)
End of conversation
New conversation -
-
-
good luck with removing SHA1 otherwise
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.