[Cryptography] OPENSSL FREAK

Tony Arcieri bascule at gmail.com
Sat Mar 28 18:02:53 EDT 2015


On Sat, Mar 28, 2015 at 2:35 PM, ianG <iang at iang.org> wrote:

> On 28/03/2015 18:05 pm, Tony Arcieri wrote:
>
>> Without cipher agility, you're stuck using the bad ciphers forever until
>> you throw away the protocol and start over.
>
>
> Yes.  Do that.  Not upgrading the protocol, not starting over is also a
> bad thing.


It's probably a better approach for security, but if you care at all about
usability, it's practically a nonstarter.

-- 
Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150328/42c26545/attachment.html>


More information about the cryptography mailing list