Three month spec freeze

[plugd]

Hey, 

solderpunk writes:
> On Tue, Jun 02, 2020 at 10:59:23PM +0200, plugd wrote:
> 1.3 drastically reduces the range of permissible cryptographic
> primitives which can be used.  Instead of supporting dozens and dozens
> of different ciphersuites with opaque names ranging from "as secure as
> it gets" to "known to be broken for years", requiring careful
> configuration and implementation to avoid shooting yourself in the foot
> or being susceptible to downgrade attacks, 1.3 is basically foolproof.
> All the legacy cruft like RC4 is gone, every availble key agreement
> scheme offers perfect forward security, etc.  It's definitely something
> to be excited about.

Thank you for this clear explanation, this is very helpful!  You've
convinced me that requiring >= 1.3 would be a sensible move.

plugd
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 487 bytes
Desc: not available
URL: <https://lists.orbitalfox.eu/archives/gemini/attachments/20200603/213773ee/attachment.sig>