[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

[Salz, Rich]

> TLS was designed to support multiple ciphersuites. Unfortunately this opened the door
> to downgrade attacks, and transitioning to protocol versions that wouldn't do this was nontrivial.
> The ciphersuites included all shared certain misfeatures, leading to the current situation.

On the other hand, negotiation let us deploy it in places where full-strength cryptography is/was regulated.

Sometimes half a loaf is better than nothing.

	/r$
--  
Principal Security Engineer
Akamai Technology
Cambridge, MA