On 22/09/2013 2:00 PM, Stephen Farrell wrote: > > On 09/22/2013 01:07 AM, Patrick Pelletier wrote: >> "1024 bits is enough for anyone" > That's a mischaracterisation I think. Some folks (incl. me) > have said that 1024 DHE is arguably better that no PFS
I would argue that 1024 DHE is worse than no PFS, for the same reason that using DES is a bad move. It is likely to be inherently insecure and provides a higher sense of security than is valid for the situation. By insisting that 1024 to be ok, you are, in theory, permitting people to feel comfortable with an insecure system. I have always approached that no encryption is better than bad encryption, otherwise the end user will feel more secure than they should and is more likely to share information or data they should not be on that line. By insisting on 2048 (or higher), you force the issue and ensure that the overall network is more secure. -- Kelly John Rose Mississauga, ON Phone: +1 647 638-4104 Twitter: @kjrose Document contents are confidential between original recipients and sender. _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography