[Cryptography] TLS2
Philipp Gühring
pg at futureware.at
Mon Sep 30 17:56:28 EDT 2013
Hi,
What I personally think would be necessary for TLS2:
* At least one quantum-computing resistant algorithm which must be useable
either as replacement for DH+RSA+EC, or preferrably as additional
strength(double encryption) for the transition period.
* Zero-Knowledge password authentication (something like TLS-SRP), but
automatically re-encrypted in a normal server-authenticated TLS session
(so that it's still encrypted with the server if you used a weak password).
* Having client certificates be transmitted in the encrypted channel, not
in plaintext
Best regards,
Philipp
More information about the cryptography
mailing list