[Cryptography] upgrade mechanisms and policies

Bill Frantz frantz at pwpconsult.com
Sat Apr 11 02:28:35 EDT 2015

On 4/10/15 at 11:50 AM, iang at iang.org (ianG) wrote:

>>As a corollary:  We can avoid "flag day" problems by
>>introducing the new thing on cycle N, then deprecating
>>the old thing on cycle N+2 and outlawing it on cycle
>>N+4.  This sort of well-planned transition works a lot
>>better in non-emergency situations.
>The "odds & evens" version replacement approach is what I think 
>we'll drift to in the future, for those protocols have decided 
>to dispense with the internal upgrade possibility.

I don't think it makes much difference if you have a protocol 
which allows negotiation of algorithms from within the protocol, 
think TLS, or one that has only one protocol, but lets you 
negotiate which version of the protocol you use, like the E 
protocol. The only issue with only one crypto suite per version 
is that you can't assume that version n+1 is better than version n.

The former kind of protocol rather reminds me of my great 
grandfather's axe. It's the same axe, it's just had 7 new 
handles and 3 new heads.

Cheers - Bill

Bill Frantz        | gets() remains as a monument | Periwinkle
(408)356-8506      | to C's continuing support of | 16345 
Englewood Ave
www.pwpconsult.com | buffer overruns.             | Los Gatos, 
CA 95032

More information about the cryptography mailing list