[146913] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

[Cryptography] What TLS ciphersuites are still OK?

daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon Sep 9 14:59:04 2013

X-Original-To: cryptography@metzdowd.com
Date: Mon, 9 Sep 2013 17:29:24 +0100
From: Ben Laurie <ben@links.org>
To: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

--===============4296839058397471067==
Content-Type: multipart/alternative; boundary=047d7b6dbcae2eb51204e5f5e415

--047d7b6dbcae2eb51204e5f5e415
Content-Type: text/plain; charset=ISO-8859-1

Perry asked me to summarise the status of TLS a while back ... luckily I
don't have to because someone else has:

http://tools.ietf.org/html/draft-sheffer-tls-bcp-00

In short, I agree with that draft. And the brief summary is: there's only
one ciphersuite left that's good, and unfortunately its only available in
TLS 1.2:

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

--047d7b6dbcae2eb51204e5f5e415
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Perry asked me to summarise the status of TLS a while back=
 ... luckily I don&#39;t have to because someone else has:<div><br></div><d=
iv><a href=3D"http://tools.ietf.org/html/draft-sheffer-tls-bcp-00">http://t=
ools.ietf.org/html/draft-sheffer-tls-bcp-00</a><br>
</div><div><br></div><div>In short, I agree with that draft. And the brief =
summary is: there&#39;s only one ciphersuite left that&#39;s good, and unfo=
rtunately its only available in TLS 1.2:</div><div><br></div><div><pre clas=
s=3D"" style=3D"font-size:1em;margin-top:0px;margin-bottom:0px;color:rgb(0,=
0,0)">
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</pre><pre class=3D"" style=3D"font-size=
:1em;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0)"><br></pre></div></d=
iv>

--047d7b6dbcae2eb51204e5f5e415--

--===============4296839058397471067==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============4296839058397471067==--
home help back first fref pref prev next nref lref last post