On Fri, Sep 6, 2013 at 5:34 PM, The Doctor <dr...@virtadpt.net> wrote:

> Symmetric cipher RC4 (weak 10/49)
> Symmetric key length 128 bits (weak 8/19)
> Cert issued by Google, Inc, US SHA-1 with RSA @ 2048 bit (MODERATE 2/6)

First time I've heard of 128-bit symmetric called "weak"... Sure, RC4
isn't awesome but they seem to be saying that 128-bit keys per se are

> Let's contrast this with ChaosPad:
> Symmetric cipher Camellia (STRONG 39/39)
> Symmetric key length 256 bits (STRONG 19/19)
> Cert issued by CAcert, Inc. SHA-1 with RSA @ 4096 bit (MODERATE 2/6)

Without good server authentication, the other stuff doesn't matter.
With Chrome, you get key pinning when talking to some sites (including
Google sites, Tor, and Twtitter); I'd much rather have that and "only"
128-bit symmetric. Also, I don't know why you weren't getting forward
secrecy; check your Firefox configuration.
The cryptography mailing list

Reply via email to