[Cryptography] OPENSSL FREAK

Lodewijk andré de la porte l at odewijk.nl
Mon Mar 30 12:59:51 EDT 2015

2015-03-24 10:12 GMT+09:00 ianG <iang at iang.org>:

> 2.b  And of course, there was no plan/process/ceremony/desire to retire
> any algorithms.

I think this is probably the worst part. We should have a mechanism for a
group of known cryptographers to n-out-of-k-vote-and-disable ciphersuites
immediately.  That way cipher agility might actually be valuable. Think of
it as a revocation mechanism.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20150331/6408c47b/attachment.html>

More information about the cryptography mailing list