Re: Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Julien Vehent
On 2013-12-29 18:30, Kurt Roeckx wrote: On Sun, Dec 15, 2013 at 11:22:32AM -0500, Julien Vehent wrote: For the same reason, the server ciphersuite that we recommend at https://wiki.mozilla.org/Security/Server_Side_TLS does not drop Camellia, but lists it at the bottom of the ciphersuite. It's a

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Kurt Roeckx
On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote: I *think* they want to prefer CAMELLIA to AES, judging by the published ciphersuite. But the construction must be wrong because it returns AES first. If the intent is to prefer Camellia, then I am most interested in the

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Kurt Roeckx
On Thu, Jan 02, 2014 at 10:10:49PM +0100, Aaron Zauner wrote: What's the take on the ChaCha20/Poly1305 proposal by the Mozilla Sec. Team by the way? Not being part of the mozilla team myself, I at least have the impression that they want it. You might want to look at this old version:

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Julien Vehent
Hi Aaron, On 2014-01-02 16:10, Aaron Zauner wrote: Hi Kurt, On 02 Jan 2014, at 21:51, Kurt Roeckx k...@roeckx.be wrote: On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote: I *think* they want to prefer CAMELLIA to AES, judging by the published ciphersuite. But the construction

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Julien Vehent
Hi Aaron, Two things I'd like to mention before I reply: 1. I think it's great to have two guides with divergent points of view. I'm mostly interested in discussing design choices, because these discussions are useful. I'm not interested in convincing the ACH group that one

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Ryan Sleevi
On Thu, January 2, 2014 1:25 pm, Julien Vehent wrote: Hi Aaron, On 2014-01-02 16:10, Aaron Zauner wrote: Hi Kurt, On 02 Jan 2014, at 21:51, Kurt Roeckx k...@roeckx.be wrote: On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote: I *think* they want to prefer CAMELLIA to

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Julien Vehent
On 2014-01-02 17:12, Ryan Sleevi wrote: On Thu, January 2, 2014 1:25 pm, Julien Vehent wrote: Hi Aaron, On 2014-01-02 16:10, Aaron Zauner wrote: Hi Kurt, On 02 Jan 2014, at 21:51, Kurt Roeckx k...@roeckx.be wrote: On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote: I *think*

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Julien Vehent
On 2014-01-02 17:12, Ryan Sleevi wrote: On Thu, January 2, 2014 1:25 pm, Julien Vehent wrote: Hi Aaron, On 2014-01-02 16:10, Aaron Zauner wrote: Hi Kurt, On 02 Jan 2014, at 21:51, Kurt Roeckx k...@roeckx.be wrote: On Thu, Jan 02, 2014 at 09:33:24PM +0100, Aaron Zauner wrote: I *think*

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread Kurt Roeckx
On Thu, Jan 02, 2014 at 02:12:47PM -0800, Ryan Sleevi wrote: What's the take on the ChaCha20/Poly1305 proposal by the Mozilla Sec. Team by the way? There are 5 security teams at Mozilla, so Mozilla Sec Team is a very large group. I think we all want a new stream cipher in TLS to

Re: [Ach] Proposal to Remove legacy TLS Ciphersuites Offered by Firefox

2014-01-02 Thread ianG
On 3/01/14 01:06 AM, Julien Vehent wrote: 3DES isn't broken. No, but it is end of life. 112-bit security for the 2-key variant, and an 8-byte block makes it just old. If you've got AES there, use it. Who hasn't got it? RC4 is broken, but I am yet to see a practical attack that

NSS OCSP stapling tests

2014-01-02 Thread Julien Pierre
The new OCSP stapling tests in NSS 3.15.3 are all failing on our Solaris machines. See error log below. We have a slightly smaller number of failures on Linux. Are these tests going out to a public OCSP responder on the Internet? Or are they trying to go to a locally built one? (sorry, I am