[Cryptography] OPENSSL FREAK
Lodewijk andré de la porte
l at odewijk.nl
Mon Mar 30 12:59:51 EDT 2015
2015-03-24 10:12 GMT+09:00 ianG <iang at iang.org>:
> 2.b And of course, there was no plan/process/ceremony/desire to retire
> any algorithms.
I think this is probably the worst part. We should have a mechanism for a
group of known cryptographers to n-out-of-k-vote-and-disable ciphersuites
immediately. That way cipher agility might actually be valuable. Think of
it as a revocation mechanism.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography