IETF Logo Mail Archive

Re: [saag] A case against algorithm agility (long)

Andrey Jivsov <openpgp@brainhub.org> Mon, 05 May 2014 05:31 UTC

Return-Path: <openpgp@brainhub.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 310721A0251 for <saag@ietfa.amsl.com>; Sun, 4 May 2014 22:31:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.309
X-Spam-Level:
X-Spam-Status: No, score=-0.309 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DATE_IN_PAST_03_06=1.592, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IaLQkyk8z6nI for <saag@ietfa.amsl.com>; Sun, 4 May 2014 22:31:24 -0700 (PDT)
Received: from qmta15.emeryville.ca.mail.comcast.net (qmta15.emeryville.ca.mail.comcast.net [IPv6:2001:558:fe2d:44:76:96:27:228]) by ietfa.amsl.com (Postfix) with ESMTP id 5CE291A0250 for <saag@ietf.org>; Sun, 4 May 2014 22:31:24 -0700 (PDT)
Received: from omta03.emeryville.ca.mail.comcast.net ([76.96.30.27]) by qmta15.emeryville.ca.mail.comcast.net with comcast id y5Va1n0060b6N64AF5X2PT; Mon, 05 May 2014 05:31:02 +0000
Received: from [192.168.1.8] ([71.202.164.227]) by omta03.emeryville.ca.mail.comcast.net with comcast id y5XL1n0054uhcbK8P5XLSr; Mon, 05 May 2014 05:31:20 +0000
Message-ID: <5366F7E2.7000605@brainhub.org>
Date: Sun, 04 May 2014 22:30:58 -0400
From: Andrey Jivsov <openpgp@brainhub.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.2.0
MIME-Version: 1.0
To: ianG <iang@iang.org>, saag@ietf.org
References: <53650F27.6040607@iang.org>
In-Reply-To: <53650F27.6040607@iang.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1399267862; bh=jmNAdQtAPJ5RwKwvOWg3wsU+nk0+UlXdvyYd9p5x5WY=; h=Received:Received:Message-ID:Date:From:MIME-Version:To:Subject: Content-Type; b=uQGeRPD3WWQ0CqUzaqOT/6wI8HIPgC/rm06wKrpjYr/pmgwQJJJPZ2yurgHbc1t6o 75RUTbIT8yDGr4mL4WQtgEsgzDCp/2c3tfMY0raKmJEihhd2JaUhDYCfsC+QpvgreZ 4Dyq81LYtOTKgb22rxj4BMHcZuNd0urIz4K7wscgvlBWA7z9tno7OUVnuK/kuNuWoq d8/3zgy1xcy2y6btLjIZu7TFz4DLDhGPxOfzNhA4FBqbhjjLWZHMraPv3Zh4Iie2eV X+mizTB6ETFOaT+uJYMYRYmwMdfHhC4JsRlsJRQoMvJnBO311qvHiFopa6PuYhPj1q aGAwrmyrfvd3Q==
Archived-At: http://mailarchive.ietf.org/arch/msg/saag/FtY0TnvKUhaevghR6bU7QI57RgE
Subject: Re: [saag] A case against algorithm agility (long)
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 May 2014 05:31:25 -0000

On 05/03/2014 11:45 AM, ianG wrote:
> I've jotted down some notes on the case against agility, as mooted.
> Sorry, long.
>
> It should be called "algorithm agility considered harmful" but I've
> found that some people are irrationally offended by words.  Offense
> doesn't worry me, but distraction helps nobody.
>
...

It is a good idea to limit the number of possible permutations of 
allowed algorithms.

However, the pros for the algorithm agility are:
* compliance with standards (unless all standards in the world specify 
the same suite)
* upgrade to new algorithms (the time-line of the "old" and the "new" 
algorithms typically overlap)
* easier system maintenance (it's easier to add only a new algorithm to 
an old product that is only maintained as opposed to actively developed)
* there might be no single algorithm that is perfect for everybody

v2.8.7 | Report a Bug | By Email