Cryptographic agility is largely seen as a weakness nowadays, in that a party can be tricked into using a cipher or higher level construct with known weaknesses by an attacker. So lack of agility is not necessarily a bad thing. Modern approach seems to be offering only a level of agility needed for future-proofing, not arbitrary choices of ciphers, signature algorithms, etc.
↧