Brian,
On 7/1/2014 14:05, Brian Smith wrote:
I think, in parallel with that, we can figure out why so many sites
are still using TLS_ECDHE_*_WITH_RC4_* instead of
TLS_ECDHE_*_WITH_AES* and start the technical evangelism efforts to
help them. Cheers, Brian
The reason for sites choosing RC4 ove
On Mon, Jun 30, 2014 at 1:56 AM, Kurt Roeckx wrote:
> On 2014-06-30 02:35, Hubert Kario wrote:
>
>> The benefits of ECDHE outweigh the risks of using RC4,
>>>
>>
>> I have to disagree here. Even 1024 bit DHE requires a targeted attack at
>> ~80 bit
>> complexity. Currently we see RC4 at around 56
On Sun, Jun 29, 2014 at 5:35 PM, Hubert Kario wrote:
>
> > As I noted in my bug comment [1], I think that the rhetoric of us not
> > adding any more RSA-key-exchange-based cipher suites, even the AES-GCM
> > ones, is significant. Software engineers at multiple companies referenced
> > our positio
3 matches
Mail list logo
