[Cryptography] Oracle discovers the 1990s in crypto

Harald Koch chk at pobox.com
Sun Jan 22 18:10:57 EST 2017


On 22 January 2017 at 08:05, Jerry Leichter <leichter at lrw.com> wrote:

> Removing support for protocols and cryptographic primitives is very, very
> difficult.  The systems we build are simply not designed to adjust
> appropriately.
>

This doesn't get said often enough, IMO. Even protocols that are designed
to have their primitives replaced - the designers think it's easy to do
upgrades, but interoperability problems appear with older software that
can't be upgraded.

SSH is also going through this problem, as the default implementations
first disable and then remove older ciphers that are often the only ones
implemented on older systems (like the aforementioned disk arrays :).

Food for thought...
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170122/3d963904/attachment.html>


More information about the cryptography mailing list