>> Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are
>> using X25519 which was developed by Dan Bernstein.
>
> FF [claims it does
> DHE/EDH](https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29),
> but it does not actually, in practice. It does either EC, or RSA. I've
> tested it. (v52) This does not look like an accident.
>
>> The Guardian article you referenced didn’t even have the word curve in it.
>> My question – do you have a reference that shows Schneier says not to use
>> elliptic curve – was not answered.
>
> You don't have to read the article if you don't want to.
> "Prefer conventional discrete-log-based systems over elliptic-curve systems;
> the latter have constants that the NSA influences when they can."
>
>> - The NSA actually provided the elliptic curves for NIST's standards. And
>> the Snowden docs now show that those curves are related.
>>
>> No they do not show that the curves are related. And BTW, NIST just put
>> 25519 and 448 into their recommended list.
>
> By its nature (secrecy), nothing public will prove the curves are related.
> But Snowden documents show that they are. And related curves have an
> inherent shortcut to cracking, which any well-funded haqxor or
> state-sponsored entity will have access to.
>
> From: noloa...@gmail.com
>
>>> Later I realized that was the best warning Google and Schmidt could
>>> give. He basically told you government has infiltrated their systems,
>>> and you should avoid their systems if security and privacy matters.
>
> What great PR, that it's become almost instinctive for people to ascribe
> benevolance to G**gle. I believe that Schmidt was telling us his true
> position though.
>
> The one I am angry with is Mozilla, for not giving us a choice. Chrome is a
> choice?! Safari is a choice?! IE is a choice?! No. They are not.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
