Hi!
Sorry for being rather late in my reply; most of your questions/remarks are
already answered.
The guide is not backward compatible with all clients. We, at Mozilla, must
maintain
backward compatibility with even the oldest, most broken, clients on the
internet, and
this shapes our
On 03 Jan 2014, at 00:19, Aaron Zauner a...@azet.org wrote:
After BREAK there was this huge outcry by “security professionals” to switch
to RC4, I still think that was a dumb idea.
Sorry. BREACH of course.
Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
--
ARGH! Third time’s a charm: BEAST.
BREACH is CRIME related and has nothing to do with that.
Aaron
signature.asc
Description: Message signed with OpenPGP using GPGMail
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
Hi Kurt,
On 02 Jan 2014, at 21:51, Kurt Roeckx k...@roeckx.be wrote:
On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote:
I *think* they want to prefer CAMELLIA to AES, judging by the published
ciphersuite.
But the construction must be wrong because it returns AES first. If the
On 14-01-05 16:56, Aaron Zauner a...@azet.org wrote:
On Sun, Jan 5, 2014 at 4:27 PM, Kurt Roeckx k...@roeckx.be wrote:
On Fri, Jan 03, 2014 at 12:19:10AM +0100, Aaron Zauner wrote:
3DES isn't broken.
Triple DES provides about 112bit security (We've a section on the topic
in the
Hi Julien,
I took the liberty to answer a few of your questions (in CC to dev-tech-crypto
and ach). Others might want to add something as well:
On 02 Jan 2014, at 18:09, Julien Vehent jul...@linuxwall.info wrote:
Overall, I think this guide is great! The configuration examples are very
Hi Kurt,
That is true, the issue being that some software and hardware platforms do
not support RSA keys above 2048bit as of now.
I mean - I do not really have an issue with discussing to put 3DES in
there. We were a bit time restricted to do our research (i.e. we limited
ourselves to certain
7 matches
Mail list logo