On 2013-07-05, at 6:14 PM, Douglas Huff <m...@jrbobdobbs.org> wrote:
> On Jul 4, 2013, at 22:09, Jacob Appelbaum <ja...@appelbaum.net> wrote:
>
>> Nadim Kobeissi:
>>> ...
>>> AES-GCM is already prioritized over RC4, but unfortunately most
>>> browsers don't support AES-GCM yet, which is why RC4 remains as the
>>> secondary choice. In the case that AES-GCM is not supported, we use
>>> RC4 instead of AES-CBC in order to mitigate for BEAST. If you have
>>> alternate suggestions to this, please let me know.
>>
>> None of the browsers supported by the plugin, certainly not those which
>> support forward secrecy, should be vulnerable to the BEAST attack. I
>> believe that almost everyone is using 1/n-1 record splitting or
>> something that is functionally similar.
>>
>>>
>>> We've just removed some of the more obsolete suites that use 3DES.
>>> They were unlikely to be used anyway due to their very low priority.
>>
>> Are you sure? I'm still seeing SSL3 with RSA and RC4 in Chrome. If the
>> SSL key is taken tomorrow, my session from today is compromised...
>>
>>>>> ...
>>
>> Also, I'll ask again:
>>
>> Do you know how many users are impacted? How many users are actually
>> choosing the forward secret protocols?
>
> I too am interested in why you're avoiding these questions?

Sorry, I wasn't meaning to avoid any questions. I simply forgot to answer them. It's best to assume good will from others on a discussion list.

I do not know how many users choose forward secret protocols, nor do I imagine there is a standardized or easy way to derive that knowledge. This is why private keys were reset, even though we use forward secrecy.

NK

>
> --
> Douglas Huff

_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
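The thread asks how many users actually negotiate a forward-secret suite, and the reply says there is no easy way to know. One practical way to measure it is on the server side: log the negotiated protocol and cipher suite per connection and classify the suites by key exchange. The script below is an added example, not code from the thread or from the plugin under discussion. It assumes an nginx-style custom log_format that appends `$ssl_protocol $ssl_cipher` to each access-log line (that layout, and the sample lines, are constructed for this example), and it uses OpenSSL cipher-suite names, where an `ECDHE-`, `DHE-` or `EDH-` prefix marks an ephemeral (forward-secret) key exchange and a suite with no such prefix, such as `RC4-SHA` or `AES128-SHA`, uses static RSA key transport.

```python
"""Classify negotiated TLS sessions by forward secrecy from server access logs.

Added illustration only. Assumed log layout (constructed for this example):

    log_format tls '$remote_addr [$time_local] "$request" $status '
                   '$ssl_protocol $ssl_cipher';
"""
import re
from collections import Counter

# Constructed sample log lines, not real traffic.
SAMPLE_LOG = """\
203.0.113.10 [05/Jul/2013:18:14:02 +0000] "GET / HTTP/1.1" 200 TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256
203.0.113.11 [05/Jul/2013:18:14:05 +0000] "GET / HTTP/1.1" 200 TLSv1 ECDHE-RSA-RC4-SHA
203.0.113.12 [05/Jul/2013:18:14:09 +0000] "GET / HTTP/1.1" 200 SSLv3 RC4-SHA
203.0.113.13 [05/Jul/2013:18:14:11 +0000] "GET / HTTP/1.1" 200 TLSv1 AES128-SHA
203.0.113.14 [05/Jul/2013:18:14:15 +0000] "GET / HTTP/1.1" 200 TLSv1.2 DHE-RSA-AES256-GCM-SHA384
203.0.113.15 [05/Jul/2013:18:14:20 +0000] "GET / HTTP/1.1" 200 TLSv1.1 DES-CBC3-SHA
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" (?P<status>\d{3}) '
    r'(?P<protocol>\S+) (?P<cipher>\S+)$'
)

# OpenSSL-name prefixes that denote an ephemeral (forward-secret) key exchange.
# Note: a bare "ECDH-" prefix is static ECDH and is deliberately NOT listed.
FS_PREFIXES = ("ECDHE-", "DHE-", "EDH-")


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match."""
    m = LINE_RE.match(line)
    return m.groupdict() if m else None


def is_forward_secret(cipher):
    """True if the suite's key exchange is ephemeral, so a later private-key
    compromise cannot decrypt a recorded session."""
    return cipher.startswith(FS_PREFIXES)


def bulk_family(cipher):
    """Coarse record-protection class: AEAD (GCM), RC4 stream, 3DES-CBC, AES-CBC."""
    if "GCM" in cipher:
        return "AEAD"
    if "RC4" in cipher:
        return "RC4"
    if "DES-CBC3" in cipher or "3DES" in cipher:
        return "3DES-CBC"
    if "AES" in cipher:
        return "AES-CBC"
    return "other"


def summarize(log_text):
    """Count sessions by forward secrecy, protocol version and bulk cipher."""
    stats = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            stats["unparsed"] += 1
            continue
        stats["forward_secret" if is_forward_secret(rec["cipher"])
              else "not_forward_secret"] += 1
        stats["proto:" + rec["protocol"]] += 1
        stats["bulk:" + bulk_family(rec["cipher"])] += 1
    return stats


def exposed_by_key_theft(log_text):
    """Sessions that a future theft of the server's RSA key would retroactively
    expose: every session that negotiated a non-forward-secret suite."""
    out = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and not is_forward_secret(rec["cipher"]):
            out.append((rec["ip"], rec["protocol"], rec["cipher"]))
    return out


def forward_secret_fraction(log_text):
    """Share of parsed sessions that negotiated a forward-secret suite."""
    s = summarize(log_text)
    total = s["forward_secret"] + s["not_forward_secret"]
    return s["forward_secret"] / total if total else 0.0


if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{key:25s} {n}")
    print("forward-secret fraction:", forward_secret_fraction(SAMPLE_LOG))
    for ip, proto, cipher in exposed_by_key_theft(SAMPLE_LOG):
        print("exposed if key stolen:", ip, proto, cipher)
```

Run against a real log only after confirming the log_format matches; the regex is strict on purpose and counts anything it cannot parse under `unparsed` rather than guessing. The classification is by OpenSSL suite name, so if the server uses IANA names (`TLS_ECDHE_RSA_WITH_...`) the prefix table needs to be adjusted.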