On Mon, Sep 09, 2013 at 11:29:19AM -0400, Stefan Arentz wrote: > > On Sep 9, 2013, at 11:16 AM, Gervase Markham <g...@mozilla.org> wrote: > > > On 09/08/13 03:30, Brian Smith wrote: > >> Please see https://briansmith.org/browser-ciphersuites-01.html > > > > This proposal promotes ECC. > > > > http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance > > > > Schneier: "Prefer conventional discrete-log-based systems over > > elliptic-curve systems; the latter have constants that the NSA > > influences when they can." > > > > He elaborates in the comments: > > > > "I no longer trust the constants. I believe the NSA has manipulated them > > through their relationships with industry." > > > > Does that affect your proposal? > > Wasn't he talking about http://en.wikipedia.org/wiki/Dual_EC_DRBG#Controversy > ?
No, he actually said he doesn't trust any ECC, but on the other hand said that we should probably move to at least 500 bit ECC. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto