[146952] in cryptography@c2.net mail archive
Re: [Cryptography] What TLS ciphersuites are still OK?
daemon@ATHENA.MIT.EDU (Tony Arcieri)
Tue Sep 10 10:26:23 2013
X-Original-To: cryptography@metzdowd.com
In-Reply-To: <CAG5KPzwpVgvEuuLTzKXHKgmzqp8PbD5SZLy028h7t-nQHHhZgw@mail.gmail.com>
From: Tony Arcieri <bascule@gmail.com>
Date: Mon, 9 Sep 2013 21:10:00 -0700
To: Ben Laurie <ben@links.org>
Cc: Cryptography Mailing List <cryptography@metzdowd.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
--===============2615955922381094565==
Content-Type: multipart/alternative; boundary=047d7b343f1ae2673404e5ffae4b
--047d7b343f1ae2673404e5ffae4b
Content-Type: text/plain; charset=ISO-8859-1
On Mon, Sep 9, 2013 at 9:29 AM, Ben Laurie <ben@links.org> wrote:
> And the brief summary is: there's only one ciphersuite left that's good,
> and unfortunately its only available in TLS 1.2:
>
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
>
>
A lot of people don't like GCM either ;) So we're screwed!
Well, aside from maybe this draft supporting Salsa20:
http://tools.ietf.org/html/draft-josefsson-salsa20-tls-02
--
Tony Arcieri
--047d7b343f1ae2673404e5ffae4b
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">On Mon, Sep 9, 2013 at 9:29 AM, Ben Laurie <span dir=3D"lt=
r"><<a href=3D"mailto:ben@links.org" target=3D"_blank" onclick=3D"window=
.open('https://mail.google.com/mail/?view=3Dcm&tf=3D1&to=3Dben@=
links.org&cc=3D&bcc=3D&su=3D&body=3D','_blank')=
;return false;">ben@links.org</a>></span> wrote:<br>
<div class=3D"gmail_extra"><div class=3D"gmail_quote"><blockquote class=3D"=
gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border=
-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div=
dir=3D"ltr">
<div>And the brief summary is: there's only one ciphersuite left that&#=
39;s good, and unfortunately its only available in TLS 1.2:</div><div><br><=
/div><div><pre style=3D"font-size:1em;margin-bottom:0px;margin-top:0px">
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256</pre>
</div></div></blockquote><div><br></div><div>A lot of people don't like=
GCM either ;) So we're screwed!</div><div><br></div><div>Well, aside f=
rom maybe this draft supporting Salsa20:</div><div><br></div><div><a href=
=3D"http://tools.ietf.org/html/draft-josefsson-salsa20-tls-02">http://tools=
.ietf.org/html/draft-josefsson-salsa20-tls-02</a>=A0</div>
</div><div><br></div>-- <br>Tony Arcieri<br>
</div></div>
--047d7b343f1ae2673404e5ffae4b--
--===============2615955922381094565==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2615955922381094565==--