[146920] in cryptography@c2.net mail archive


Re: [Cryptography] What TLS ciphersuites are still OK?

daemon@ATHENA.MIT.EDU (Hanno Böck)
Mon Sep 9 18:35:52 2013

X-Original-To: cryptography@metzdowd.com
Date: Mon, 9 Sep 2013 23:14:31 +0200
From: Hanno Böck <hanno@hboeck.de>
To: cryptography@metzdowd.com
In-Reply-To: <CAG5KPzwpVgvEuuLTzKXHKgmzqp8PbD5SZLy028h7t-nQHHhZgw@mail.gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com


On Mon, 9 Sep 2013 17:29:24 +0100
Ben Laurie <ben@links.org> wrote:

> Perry asked me to summarise the status of TLS a while back ...
> luckily I don't have to because someone else has:
>
> http://tools.ietf.org/html/draft-sheffer-tls-bcp-00
>
> In short, I agree with that draft. And the brief summary is: there's
> only one ciphersuite left that's good, and unfortunately it's only
> available in TLS 1.2:
>
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

I don't really see from the document why the authors discourage
ECDHE-suites and AES-256. Both should be okay and we end up with four
suites:
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Also, DHE should only be considered secure with a large enough modulus
(>=2048 bit). Apache hard-fixes this to 1024 bit and it's not
configurable. So an argument can even be made that ECDHE is more
secure - it doesn't have a widely deployed webserver using it in an
insecure way.


cu,
-- 
Hanno Böck
http://hboeck.de/

mail/jabber: hanno@hboeck.de
GPG: BBB51E42

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
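Added example (my own code, not from the list, the draft or either poster): a small Python checker that applies the rules from Hanno's reply to a server's configured suite list, accepting only the four (EC)DHE_RSA AES-GCM suites and flagging a DHE suite whose modulus is below 2048 bits, as with the Apache case he describes. The suite names and the 2048-bit threshold come from the reply; the reason strings and the `Verdict` type are my own.

```python
"""Cipher-suite policy check following the rules in the reply above.
Added example; the reason strings are constructed here, not from the reply."""
import re
from dataclasses import dataclass
from typing import List, Optional

# The four suites the reply considers acceptable.
ACCEPTABLE_SUITES = {
    "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
}
MIN_DH_BITS = 2048  # "DHE should only be considered secure with ... >=2048 bit"

# Splits an IANA-style suite name into key exchange, cipher and MAC/PRF parts.
SUITE_RE = re.compile(
    r"^TLS_(?P<kx>ECDHE|DHE|RSA)_(?:(?P<auth>RSA|ECDSA)_)?WITH_"
    r"(?P<cipher>[A-Z0-9_]+?)_(?P<mac>SHA256|SHA384|SHA)$"
)


@dataclass
class Verdict:
    suite: str
    ok: bool
    reason: str


def evaluate_suite(suite: str, dh_bits: Optional[int] = None) -> Verdict:
    """Judge one suite; dh_bits is the server's DHE modulus size in bits
    (only needed for DHE suites, e.g. 1024 for the Apache case)."""
    m = SUITE_RE.match(suite)
    if not m:
        return Verdict(suite, False, "unrecognised suite name")
    if suite not in ACCEPTABLE_SUITES:
        if m.group("kx") == "RSA":
            return Verdict(suite, False, "static RSA key exchange: no forward secrecy")
        if "GCM" not in m.group("cipher"):
            return Verdict(suite, False, "not an AES-GCM (AEAD) suite")
        return Verdict(suite, False, "not in the accepted list")
    if m.group("kx") == "DHE":
        if dh_bits is None:
            return Verdict(suite, False, "DHE suite but DH modulus size unknown")
        if dh_bits < MIN_DH_BITS:
            return Verdict(suite, False, f"DHE modulus {dh_bits} bit < {MIN_DH_BITS} bit")
    return Verdict(suite, True, "acceptable")


def evaluate_config(suites: List[str], dh_bits: Optional[int] = None) -> List[Verdict]:
    """Evaluate every suite in a server's configured list against the same DH size."""
    return [evaluate_suite(s, dh_bits) for s in suites]
```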
