- From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Date: Fri, 08 Dec 2006 12:51:11 +0000
- To: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve@opera.com>
- Cc: Thomas Roessler <tlr@w3.org>, Mary Ellen Zurko <Mary_Ellen_Zurko@notesdev.ibm.com>, "George Staikos <staikos" <staikos@kde.org>, W3 Work Group <public-wsc-wg@w3.org>
Yngve N. Pettersen (Developer Opera Software ASA) wrote: ... > In this case we can either warn the user, or refuse to connect; we > cannot remove the method. Yes. I don't think we can rely on implementations not including "weak" ciphers. The fact that the definition of "weak" changes over time is the clincher for me - when you're coding you don't know whether some smart person somewhere's going to discover a devastating attack on cipher-foo. S.
Received on Friday, 8 December 2006 12:50:19 UTC