[Cryptography] Crypto Standards v.s. Engineering habits - Was: NIST about to weaken SHA3?

[ianG]

On 10/10/13 08:41 AM, Bill Frantz wrote:

> We should try to characterize what "a very long time" is in years. :-)


Look at the produce life cycle for known crypto products.  We have some 
experience of this now.  Skype, SSL v2/3 -> TLS 0/1/2, SSH 1 -> 2, PGP 2 
-> 5+.

As a starting point, I would suggest 10 years.

iang