-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/06/2013 01:13 PM, Perry E. Metzger wrote:
> Google is also now (I believe) using PFS on their connections, and > they handle more traffic than anyone. A connection I just made to > https://www.google.com/ came out as, TLS 1.2, RC4_128, SHA1, > ECDHE_RSA. Addendum: Calomel SSL Validation has an interesting set of configuration options, which may be of interest and discussion. Two noteworthy ones: - - FIPS 140-2 restricted 256 bit ciphers - - ...AND limit to Perfect Forward Secrecy ciphers Interestingly, turning this on breaks access to https://addons.mozilla.org/. Bluh. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ "Be the strange that you want to see in the world." --Gareth Branwyn -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIqdcYACgkQO9j/K4B7F8EKrQCguaWu9UGXABSkUwKJ7A+9n7NX KUoAn3D1AF+NW8KIu9BoIDoxllKkE2+K =GSYs -----END PGP SIGNATURE----- _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography