deknos 2 days ago

with that argument TLS would be insecure, because there are insecure TLS implementations.

1
pvg 2 days ago

That's not the argument, it's that it's a bad design repeatedly shown to be shown to be prone to serious vulnerabilities and it's silly to argue it's not a bad design at yet another such time.

People have made serious arguments for all sorts of design problems in SSL/TLS.

1 reply
deknos 1 day ago

the design is not bad per se. pgp is just a bit outdated and needs an overhaul.

And cryptographic serialization is just difficult.

1 reply
pvg 1 day ago

It's not resting, it's dead.