by ceejay 3332 days ago
If the specification requires the server to decide which algorithm to use, a naive client, who doesn't know which algorithms are safe or not, is just as dangerous.

As far as I know there are no algorithms that exist today that we can guarantee will never be broken in the future. So algorithm choice inherently must be decoupled from the specification.

EDIT: Or a naive server implementation for that matter...