:: Re: [DNG] OpenSSL, BoringSSL, Libre…
Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Kevin Chadwick
Ημερομηνία:  
Προς: dng
Αντικείμενο: Re: [DNG] OpenSSL, BoringSSL, LibreSSL and TLS protocol
On 27/09/2024 13:35, Martin Steigerwald wrote:
> However I did not look into how and to what extent TLS 1.3 and PQC are
> simpler than TLS 1.2.
>


TLS 1.3 reduces the cryptography options quite drastically. It's possible post
quantum crypto will complicate that again though. Hopefully not too much.

> And I do not really agree to top-down centrally managed trust
> relationships.


Agreed and this adds to the potential of certificate handling vulnerabilities.
OpenSSH certificate handling is much simpler.