[Security] TLS Certificates Verification
dave at cridland.net
Tue Aug 19 17:08:51 CDT 2008
On Tue Aug 19 22:42:55 2008, Eric Rescorla wrote:
> So, I would definitely hope that any new protocol we decided on
> have enough algorithm agility to
> let us upgrade to newer algorithms--though as the experience with
> 1.2 showed, this is often
> easier said than done.
Sure, but at least we have the general capability to change
ciphersuites in TLS, and hash algorithms in SCRAM. And we can switch
away from SCRAM entirely, and upgrade TLS yet again, if needs be.
> That said, if Quantum Computing suddenly allows us to factor
> numbers in practical periods
> of time, we've probably got a huge problem and it's not clear how to
> salvage any of our
One time pads make great Christmas presents, especially when sent
over a single fibre encoded in the polarization of the photons.
Dave Cridland - mailto:dave at cridland.net - xmpp:dwd at dave.cridland.net
Infotrope Polymer - ACAP, IMAP, ESMTP, and Lemonade
More information about the Security