On Thu, Jul 18, 2013 at 7:36 PM, Mark Hahn <[email protected]> wrote: > Is that true? I thought the certificate was only used to verify that the > server was the actual one it claimed to be. The encryption is something > different.
It sure is. See all the discussion in the news lately about perfect forward secrecy and the possibility that NSA has access to various Internet providers' private keys for an example of why this is bad. -T.C. -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
