On Sep 9, 2013, at 9:29 AM, Ben Laurie <[email protected]> wrote: > Perry asked me to summarise the status of TLS a while back ... luckily I > don't have to because someone else has: > > http://tools.ietf.org/html/draft-sheffer-tls-bcp-00 > > In short, I agree with that draft. And the brief summary is: there's only one > ciphersuite left that's good, and unfortunately its only available in TLS 1.2: > > TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
+1 I have read the document and it does not mention key lengths. I would suggest that 2048 bit is large enough for the next ~5? years or so. 2048 bit for both D-H and RSA. How are the key lengths specified?
_______________________________________________ The cryptography mailing list [email protected] http://www.metzdowd.com/mailman/listinfo/cryptography
