[147360] in cryptography@c2.net mail archive
Re: [Cryptography] TLS2
daemon@ATHENA.MIT.EDU (Philipp Gühring)
Mon Sep 30 18:38:54 2013
Date: Mon, 30 Sep 2013 23:56:28 +0200
From: "Philipp Gühring" <pg@futureware.at>
To: "Adam Back" <adam@cypherspace.org>, "ianG" <iang@iang.org>,
cryptography@metzdowd.com, "Crypto List" <cryptography@randombit.net>
In-Reply-To: <20130930094737.GA9468@netbook.cypherspace.org>
Hi,
What I personally think would be necessary for TLS2:
* At least one quantum-computing resistant algorithm which must be usable
either as replacement for DH+RSA+EC, or preferably as additional
strength (double encryption) for the transition period.
* Zero-Knowledge password authentication (something like TLS-SRP), but
automatically re-encrypted in a normal server-authenticated TLS session
(so that it's still encrypted with the server if you used a weak password).
* Having client certificates be transmitted in the encrypted channel, not
in plaintext
Best regards,
Philipp