[Monotone-devel] Re: fatal: Botan::PRNG_Unseeded

From: Lapo Luchini
Subject: [Monotone-devel] Re: fatal: Botan::PRNG_Unseeded
Date: Wed, 02 Apr 2008 17:12:01 +0200
Zack Weinberg wrote:
> I'm not aware of any reason other than backward compatibility, but
> that's a doozy: this is yet another of the changes that would require
> a cert-reissuing event.

AFAIR from the summit, the ssh-agent support was a problem, too.

On a tangent of the "pros" of abandoning the most used signature
schemes... ECDSA signatures would be so small, so fast, so shiny... 0=)
(and since Sun has added support for some of it in NSS, avoiding Certicom's patents, which are abundant in the elliptic curve crypto efficient implementations, should be much easier)

> (It would be *great* if certs had some kind of tag describing how they
> were signed, so we could make a change that affected new certs only,
> but I don't see any way to do that without a network protocol break.)

I'd also probably "waste" one byte (or something) for the content, to support different compression/diff schemes.


PS: I'd love to work on the crypto side of mtn at the summit

