-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/06/2013 09:02 PM, Chris Palmer wrote:
> First time I've heard of 128-bit symmetric called "weak"... Sure, > RC4 isn't awesome but they seem to be saying that 128-bit keys per > se are weak. calomel.org may be erring on the side of "weak" due to known vulnerabilities in RC4. > Without good server authentication, the other stuff doesn't > matter. I am inclined to agree with you. > With Chrome, you get key pinning when talking to some sites > (including Google sites, Tor, and Twtitter); I'd much rather have > that and "only" 128-bit symmetric. Also, I don't know why you > weren't getting forward secrecy; check your Firefox configuration. I did some poking around inside its configuration and it does not seem to be negotiating upward in strength, but for whatever it can get (see other post this evening). I am uncertain as to why; some investigation is in order, but slash/burn/upgrade may be safest. - -- The Doctor [412/724/301/703] [ZS] Developer, Project Byzantium: http://project-byzantium.org/ PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: https://drwho.virtadpt.net/ Too bizarre for real life, too normal to wind up on Art Bell. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIqok4ACgkQO9j/K4B7F8HX2ACZAStTl0wR/JJqI7n182jLX6mD 5i0AnAopo0YASsPGYVVntF9KKUwwrpRN =9Acb -----END PGP SIGNATURE----- _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography