
[Monotone-devel] Re: fatal: Botan::PRNG_Unseeded


From: Lapo Luchini
Subject: [Monotone-devel] Re: fatal: Botan::PRNG_Unseeded
Date: Wed, 02 Apr 2008 17:12:01 +0200
User-agent: Thunderbird 2.0.0.12 (X11/20080303)

Zack Weinberg wrote:
> I'm not aware of any reason other than backward compatibility, but
> that's a doozy: this is yet another of the changes that would require
> a cert-reissuing event.

AFAIR of the summit the ssh-agent support was a problem, too.

On a tangent of the "pros" of abandoning the most used signature
schemes... ECDSA signatures would be so small, so fast, so shiny... 0=)
(and since Sun has added support for some of it in NSS, avoiding Certicom's patents, which are abundant in efficient elliptic curve crypto implementations, should be much easier)

> (It would be *great* if certs had some kind of tag describing how they
> were signed, so we could make a change that affected new certs only,
> but I don't see any way to do that without a network protocol break.)

I'd also probably "waste" one byte (or something) for the content, to support different compression/diff schemes.

  Lapo

PS: I'd love to work on the crypto side of mtn at the summit




