[144770] in cryptography@c2.net mail archive
Re: SHA-1 and Git (was Re: [tahoe-dev] Tahoe-LAFS key management,
daemon@ATHENA.MIT.EDU (Jonathan Thornburg)
Tue Aug 25 12:07:59 2009
Date: Tue, 25 Aug 2009 11:32:39 -0400 (EDT)
From: Jonathan Thornburg <jthorn@astro.indiana.edu>
To: Ben Laurie <ben@links.org>
cc: "Perry E. Metzger" <perry@piermont.com>, jamesd@echeque.com,
Cryptography List <cryptography@metzdowd.com>
In-Reply-To: <4A93CEB9.4010206@links.org>
On Tue, 25 Aug 2009, Ben Laurie wrote:
> In order to roll out a new crypto algorithm, you have to roll out new
> software. So, why is anything needed for "pluggability" beyond versioning?
If active attackers are part of the threat model, then you need to
worry about version-rollback attacks for as long as in-the-field software
still groks the old (now-insecure) versions, so "versioning" is actually
more like "Byzantine versioning".
--
-- Jonathan Thornburg <jthorn@astro.indiana.edu>
Dept of Astronomy, Indiana University, Bloomington, Indiana, USA
"Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral."
-- quote by Freire / poster by Oxfam
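The rollback scenario in the reply, as an added Python sketch that is not from this thread: a naive negotiator that trusts whatever version list arrives on the wire, beside one that binds the negotiation transcript with a MAC under a key the attacker cannot forge (a constructed pre-shared key standing in for a handshake-derived one), and finally the case where the client simply no longer offers the old version at all.

```python
import hmac, hashlib

# Constructed example: two protocol versions; version 1 is the "old, now-insecure" one.
OLD, NEW = 1, 2

def server_choose(offered, supported):
    """Server picks the highest version both sides support (None if no overlap)."""
    common = set(offered) & set(supported)
    return max(common) if common else None

def transcript_mac(key, offered, chosen):
    """Bind the negotiation transcript: what the client offered and what the server chose."""
    msg = ("offer=%s;chosen=%s" % (sorted(offered), chosen)).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

def negotiate(client_versions, server_versions, key, attacker=None, bind_transcript=True):
    """Run one negotiation. `attacker`, if given, rewrites the offer on the wire.
    Returns the version the client ends up using, or None if it aborts."""
    offer_on_wire = attacker(client_versions) if attacker else client_versions
    chosen = server_choose(offer_on_wire, server_versions)
    if chosen is None:
        return None
    if not bind_transcript:
        return chosen                      # naive: client accepts whatever came back
    # Only sound while the key (and the MAC under the chosen version) is still unforgeable;
    # once the old version's crypto is broken outright, refusing it is the only real fix.
    server_tag = transcript_mac(key, offer_on_wire, chosen)   # server MACs what it saw
    expected = transcript_mac(key, client_versions, chosen)   # client MACs what it sent
    if not hmac.compare_digest(server_tag, expected):
        return None                        # mismatch: the offer was tampered with; abort
    return chosen

def strip_new_version(offer):
    """Active attacker on the path: delete every version except the old one from the offer."""
    return [v for v in offer if v == OLD]

KEY = b"constructed-shared-key"   # assumption: stands in for a handshake-derived key

if __name__ == "__main__":
    print(negotiate([OLD, NEW], [OLD, NEW], KEY))                            # 2
    print(negotiate([OLD, NEW], [OLD, NEW], KEY, strip_new_version, False))  # 1: silent rollback
    print(negotiate([OLD, NEW], [OLD, NEW], KEY, strip_new_version))         # None: rollback detected
    print(negotiate([NEW], [OLD, NEW], KEY, strip_new_version))              # None: old version retired
```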
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com