[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Cfrg] Re: [saag] Algorithm upgrades
>1. _New_ protocols that are being design should include the ability to
>negotiate algorithms. This is just good hygiene. If this is not
>formalized, it should be.
I strongly disagree. History has showed that negotiation mechanisms can lead
to worse security problems than they are meant to address. The IETF has
certainly showed an exceptional ability to overcomplicate them.
What we need is a policy layer for the whole application protocol layer
stack. It should not be part of the individual protocols, it should be part
of the DNS.
Phill
_______________________________________________
Cfrg mailing list
Cfrg at ietf.org
https://www1.ietf.org/mailman/listinfo/cfrg