Re: HTTP/2 and Pervasive Monitoring

On 16/08/14 07:20, Poul-Henning Kamp wrote:
> --------
> In message <53EEA563.4020703@cs.tcd.ie>, Stephen Farrell writes:
> 
>> PHK and I disagree a bit about the definition of PM in that respect.
>> I conclude that BCP188 would include storing breakable ciphertext in
>> the definition of PM. He doesn't.
> 
> Stephen, you're free to express your own opinion, but I think it
> would be best if you let me express mine.

Apologies. I should have said "I think he doesn't".

...

> The important thing in my straw-man is not if we should or shouldn't
> do it, but the fact that PM can be made impossible with ciphersuites
> you can break in a matter of seconds.

That last is the part with which I disagree. I just don't think its
true, for what I understand as PM, as defined in BCP188.

But I agree with you about the rest, that is, if you said chacha20
and not breakable-cipher then we'd be saying the same thing.

Cheers,
S

Received on Saturday, 16 August 2014 10:36:44 UTC