Cryptography Dispatches: Registries Considered Harmful

Discussion in 'other security issues & news' started by longshots, Aug 24, 2020.

  1. longshots

    longshots Registered Member

    Oct 20, 2017
    Cryptographic protocols and specifications often come with registries that map numeric or string identifiers to algorithms or suites.

    You’ll find them everywhere. TLS, X.509, SSH, PGP, you name it. They enumerate signature algorithms, hash functions, ciphers, key exchanges, encodings… all sorts of primitives and parameters. There is even a whole bureaucracy set up to handle the IETF/IANA ones. People have opinions on its bylaws.

    I think these registries are a design smell at best, and outright harmful in most designs.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.