On Thu, Jan 16, 2014 at 7:12 PM, MJ <m...@sci.fi> wrote:
> On 17 Jan 2014, at 00.54, Christian Weisgerber <na...@mips.inka.de> wrote:
>
>> MJ <m...@sci.fi> wrote:
>>
>>> I would like to inquire as to which OpenBSD RELEASE will offer the
>>> possibility to avoid NIST crypto for everything in Base (isakmpd,
>>> openssh, openssl, https, nginx being the key items in mind)?
>>
>> What is "NIST crypto"?
>
> Are you serious or just being facetious?

He was serious, because "NIST crypto" has multiple definitions.

> I basically used it as an umbrella term to include all of the crypto in which
> the US government has had their hand involved in its specification,
> implementation, approval, standardisation, etc and so forth.

Ah, so if NIST looked at work done by someone completely unrelated to NIST and said "looks good, we'll standardize exactly what you did", you think that it's now contaminated by NIST's talking about it? For example, AES, which was designed by Europeans and standardized after a massively public competitive process that even the losing competitors think was legit with no funny games, should be excluded by your clarified criteria.

That sounds like you're interested in a political statement and not a security goal.

As for your original question: let's imagine it could be done right now with just a trivial build switch. Poof, no more "NIST crypto" (haha) for everything. Sweet: you can no longer securely connect to or from almost any non-OpenBSD box! Practically no https:// website would work for you. Wow, that's so much more secure!

What problem are you trying to solve?

A transition to new ciphers is like an API change: you have to get mind share and acceptance, show people that new stuff still solves their problem and that the change isn't insurmountable in time or effort. You push, but not so hard that you lose traction with the larger community, because we're not just trying to make our own systems more secure, but also everyone else's system.

Go listen (again) to Theo's talk at yandex, where he talks about address space mitigations including the ones that were too aggressive and had to be backed out...

http://tech.yandex.com/events/ruBSD/2013/talks/103/

Philip Guenther