Three month spec freeze

solderpunk solderpunk at SDF.ORG
Tue Jun 2 22:15:08 BST 2020

Previous message (by thread): Three month spec freeze
Next message (by thread): Three month spec freeze
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 02, 2020 at 10:59:23PM +0200, plugd wrote:
> 
> Is this really necessary?  What's so awesome about 1.3 from a
> layperson's perspective?  I'm honestly asking, not just trying to be
> contrary.

1.3 drastically reduces the range of permissible cryptographic
primitives which can be used.  Instead of supporting dozens and dozens
of different ciphersuites with opaque names ranging from "as secure as
it gets" to "known to be broken for years", requiring careful
configuration and implementation to avoid shooting yourself in the foot
or being susceptible to downgrade attacks, 1.3 is basically foolproof.
All the legacy cruft like RC4 is gone, every availble key agreement
scheme offers perfect forward security, etc.  It's definitely something
to be excited about.

Cheers,
Solderpunk

Previous message (by thread): Three month spec freeze
Next message (by thread): Three month spec freeze
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list