Clemens Lang wrote:
I hope you’re not suggesting we keep the defaults insecure because there
are some institutions out there that don’t support modern standards.

Sorry, but I am. The defaults need to work out there in the real world. If
legacy standards are still widespread, they need to be supported out of the
box, without having to jump through hoops. Users want to be able to connect
to their WPA* WiFi networks, view their HTTPS websites, etc. They do not
care whether those use the latest, most secure versions of the standard or
not. (In fact, most users do not even care that encryption is used at all,
they only use encryption at all because the other end forces them to, i.e.,
because the WiFi network requires it, or the website uses HTTP to HTTPS
redirection and/or HSTS, etc.)
Kevin Kofler