Joey Hess <jo...@debian.org> writes:

> In general, I think that Debian needs to identify upstreams that are
> being proactive about dropping old crypto algos, and those that are not.
> Major browsers, openssh upstream, etc are going to be more on top of
> this than we are, and make better decisions. Web servers probably have
> user pressure to keep old crypto available, in order to support broken
> clients that some users care about, and Debian might be able to improve
> the defaults in such cases.
I can't agree here about major browser vendors being an example of proactively dropping old crypto algos. Browser vendors have strong incentives to prioritise compatibility above everything else (if a user can't access a website with your browser but can with a competitor's, you've just lost a user). For security the same incentive doesn't really exist, as when the vendors get caught with their pants down (as happened here with the POODLE attack) all they need to say is "Well, we didn't know it was actually broken, and besides, all the other browsers had it enabled too".

As Russ said earlier in the thread, security is always a compromise with compatibility, but IMO the browser vendors end up making different choices than we should. For example, I have been running my browser for over a year with SSLv3 disabled, and have only found one website that doesn't work. There is no reason this couldn't have been disabled before it was compromised. The same situation seems to be happening with RC4: a practical attack needs to appear before it gets dropped.

-- 
Arto Jantunen

Archive: https://lists.debian.org/8761fksfvx....@kirika.int.wmdata.fi