Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Phillip Hallam-Baker
OK how about this: If a person at Snowden's level in the NSA had any access to information that indicated the existence of any program which involved the successful cryptanalysis of any cipher regarded as 'strong' by this community then the Director of National Intelligence, the Director of the

[Cryptography] ADMIN: Please, please, please don't top post.

2013-09-05 Thread Perry E. Metzger
I hate to ask this yet again, but: Please, please, please don't top post. Please, please, please edit down your replies. If your mobile device, say, doesn't let you do otherwise, it can probably wait half an hour until you get to a machine with a keyboard. -- Perry E. Metzger

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Tim Dierks
On Thu, Sep 5, 2013 at 4:57 PM, Perry E. Metzger pe...@piermont.com wrote: On Thu, 5 Sep 2013 16:53:15 -0400 Perry E. Metzger pe...@piermont.com wrote: Anyone recognize the standard? Please say it aloud. (I personally don't recognize the standard offhand, but my memory is poor that

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Eric Murray
On 09/05/2013 01:57 PM, Perry E. Metzger wrote: and am not sure which international group is being mentioned. ISO. Not that narrows it down much. Eric ___ The cryptography mailing list cryptography@metzdowd.com

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Bernie Cosell
On 5 Sep 2013 at 16:11, Phillip Hallam-Baker wrote: I would bet that there is more than enough DES traffic to be worth attack and probably quite a bit on IDEA as well. There is probably even some 40 and 64 bit crypto in use. Indeed -- would you (or any of us) guess that NSA could break TDES

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Eric Murray
The NYT article is pretty informative: (http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html) Because strong encryption can be so effective, classified N.S.A. documents make clear, the agency’s success depends on working with Internet companies — by getting their

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread John Kelsey
First, I don't think it has anything to do with Dual EC DRGB. Who uses it? My impression is that most of the encryption that fits what's in the article is TLS/SSL. That is what secures most encrypted content going online. The easy way to compromise that in a passive attack is to compromise

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread arxlight
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What surprises me is that anyone is surprised. If you believed OpenBSD's Theo de Raadt and Gregory Perry back in late 2010, various government agencies (in this specific case the FBI- though one wonders if they were the originating agency) have been

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Thu, 5 Sep 2013 19:14:53 -0400 John Kelsey crypto@gmail.com wrote: First, I don't think it has anything to do with Dual EC DRGB. Who uses it? It did *seem* to match the particular part of the story about a subverted standard that was complained about by Microsoft researchers. I would

[Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
I would like to open the floor to *informed speculation* about BULLRUN. Informed speculation means intelligent, technical ideas about what has been done. It does not mean wild conspiracy theories and the like. I will be instructing the moderators (yes, I have help these days) to ruthlessly prune

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Thu, 5 Sep 2013 16:53:15 -0400 Perry E. Metzger pe...@piermont.com wrote: Classified N.S.A. memos appear to confirm that the fatal weakness, discovered by two Microsoft cryptographers in 2007, was engineered by the agency. The N.S.A. wrote the standard and aggressively pushed it on the

[Cryptography] The Guardian: US and UK spy agencies defeat privacy and security on the internet

2013-09-05 Thread Perry E. Metzger
Quoting: US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Thu, 05 Sep 2013 13:33:48 -0700 Eric Murray er...@lne.com wrote: The NYT article is pretty informative: (http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html) [...] Also interesting: Cryptographers have long suspected that the agency planted vulnerabilities in a

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Thu, 5 Sep 2013 15:58:04 -0400 Perry E. Metzger pe...@piermont.com wrote: I would like to open the floor to *informed speculation* about BULLRUN. Here are a few guesses from me: 1) I would not be surprised if it turned out that some people working for some vendors have made code and

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Phillip Hallam-Baker
On Thu, Sep 5, 2013 at 3:58 PM, Perry E. Metzger pe...@piermont.com wrote: I would like to open the floor to *informed speculation* about BULLRUN. Informed speculation means intelligent, technical ideas about what has been done. It does not mean wild conspiracy theories and the like. I will

[Cryptography] Bruce Schneier in The Guardian on BULLRUN etc.

2013-09-05 Thread Perry E. Metzger
Quite worth reading. There is some speculation in there about various weaknesses that may have been added as well. http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance -- Perry E. Metzgerpe...@piermont.com

Re: [Cryptography] Thoughts about keys

2013-09-05 Thread Jeremy Stanley
On 2013-09-04 13:12:21 +0200 (+0200), Ilja Schmelzer wrote: There is already a large community of quite average users which use Torchat, which uses onion-Adresses as Ids, which are 512 bit hashs if I remember correctly. Typical ways of communication in this community are look for my

Re: [Cryptography] Hashes into Ciphers (was Re: FIPS, NIST and ITAR questions)

2013-09-05 Thread Joachim Strömbergson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Aloha! Stephan Neuhaus wrote: On 2013-09-04 16:37, Perry E. Metzger wrote: Phil Karn described a construction for turning any hash function into the core of a Feistel cipher in 1991. So far as I can tell, such ciphers are actually quite secure,

Re: [Cryptography] Google's Public Key Size (was Re: NSA and cryptanalysis)

2013-09-05 Thread Andy Steingruebl
On Wed, Sep 4, 2013 at 3:54 PM, Paul Hoffman paul.hoff...@vpnc.org wrote: On Sep 4, 2013, at 2:15 PM, Andy Steingruebl stein...@gmail.com wrote: As of Jan-2014 CAs are forbidden from issuing/signing anything less than 2048 certs. For some value of forbidden. :-) This is why you're seeing

Re: [Cryptography] Google's Public Key Size (was Re: NSA and cryptanalysis)

2013-09-05 Thread Paul Hoffman
On Sep 4, 2013, at 2:15 PM, Andy Steingruebl stein...@gmail.com wrote: As of Jan-2014 CAs are forbidden from issuing/signing anything less than 2048 certs. For some value of forbidden. :-) --Paul Hoffman ___ The cryptography mailing list

[Cryptography] NY Times: NSA Foils Much Internet Encryption

2013-09-05 Thread Perry E. Metzger
Quoting: The National Security Agency is winning its long-running secret war on encryption, using supercomputers, technical trickery, court orders and behind-the-scenes persuasion to undermine the major tools protecting the privacy of everyday communications in the Internet age,

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Phillip Hallam-Baker
On Thu, Sep 5, 2013 at 4:41 PM, Perry E. Metzger pe...@piermont.com wrote: On Thu, 5 Sep 2013 15:58:04 -0400 Perry E. Metzger pe...@piermont.com wrote: I would like to open the floor to *informed speculation* about BULLRUN. Here are a few guesses from me: 1) I would not be surprised if

Re: [Cryptography] NSA and cryptanalysis

2013-09-05 Thread Joachim Strömbergson
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Aloha! Jerry Leichter wrote: On Sep 1, 2013, at 2:11 PM, Perry E. Metzger wrote: On Sun, 1 Sep 2013 07:11:06 -0400 Jerry Leichter leich...@lrw.com wrote: Meanwhile, just what evidence do we really have that AES is secure? The fact that the

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Thu, 05 Sep 2013 16:43:59 -0400 Bernie Cosell ber...@fantasyfarm.com wrote: On 5 Sep 2013 at 16:11, Phillip Hallam-Baker wrote: I would bet that there is more than enough DES traffic to be worth attack and probably quite a bit on IDEA as well. There is probably even some 40 and 64

[Cryptography] Is ECC suspicious?

2013-09-05 Thread Perry E. Metzger
In this posting: http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance Bruce Schneier casts some doubt on the use of ECC 5) Try to use public-domain encryption that has to be compatible with other implementations. For example, it's harder for the NSA to

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Eric Murray
Bruce Schneier explains the Dual_EC_DRBG attack: http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115 ___ The cryptography mailing list cryptography@metzdowd.com

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Lance James
Hi all, If you read the articles carefully, you'll note that at no point does the NSA appear to have actually broken the *cryptography* in use. It's hard to get concrete details from such vague writing and no access to the the original documents, but it sounds like they've mostly gotten a lot

Re: [Cryptography] Is ECC suspicious?

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 4:09 PM, Perry E. Metzger pe...@piermont.com wrote: Now, this certainly was a problem for the random number generator standard, but is it an actual worry in other contexts? I tend not to believe that but I'm curious about

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread John Denker
I don't have any hard information or even any speculation about BULLRUN, but I have an observation and a question: Traditionally it has been very hard to exploit a break without giving away the fact that you've broken in. So there are two fairly impressive parts to the recent reports: (a)

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread Perry E. Metzger
On Thu, 05 Sep 2013 16:56:38 -0700 John Denker j...@av8n.com wrote: The generator can be easily tested for correct behavior if it is simply a block cipher. I wouldn't have said that. As Dykstra was fond of saying: Testing can show the presence of bugs; testing can never show

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jerry Leichter
[This drifts from the thread topic; feel free to attach a different subject line to it] On Sep 5, 2013, at 4:41 PM, Perry E. Metzger wrote: 3) I would not be surprised if random number generator problems in a variety of equipment and software were not a very obvious target, whether those

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jerry Leichter
On Sep 5, 2013, at 7:14 PM, John Kelsey wrote: My broader question is, how the hell did a sysadmin in Hawaii get hold of something that had to be super secret? He must have been stealing files from some very high ranking people. This has bothered me from the beginning. Even the first

[Cryptography] ADMIN: less Snowden, more Crypto

2013-09-05 Thread Perry E. Metzger
On Thu, 5 Sep 2013 20:30:40 -0400 Jerry Leichter leich...@lrw.com wrote: On Sep 5, 2013, at 7:14 PM, John Kelsey wrote: My broader question is, how the hell did a sysadmin in Hawaii get hold of something that had to be super secret? He must have been stealing files from some very high

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Fri, 06 Sep 2013 12:13:48 +1200 Peter Gutmann pgut...@cs.auckland.ac.nz wrote: Perry E. Metzger pe...@piermont.com writes: I would like to open the floor to *informed speculation* about BULLRUN. Not informed since I don't work for them, but a connect-the-dots: 1. ECDSA/ECDH (and DLP

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread Peter Gutmann
John Denker j...@av8n.com writes: To say the same thing the other way, I was always amazed that the Nazis were unable to figure out that their crypto was broken during WWII. There were experiments they could have done, such as sending out a few U-boats under strict radio silence and comparing

[Cryptography] Suite B after today's news

2013-09-05 Thread Dan McDonald
Consider the Suite B set of algorithms: AES-GCM AES-GMAC IEEE Elliptic Curves (256, 384, and 521-bit) Traditionally, people were pretty confident in these. How are people's confidence in them now? Curious, (first-time caller) Dan McD.

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Peter Fairbrother
BULLRUN seems to be just an overarching name for several wide programs to obtain plaintext of passively encrypted internet communications by many different methods. While there seem to be many non-cryptographic attacks included in the BULLRUN program, of particular interest is the

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Peter Gutmann
Perry E. Metzger pe...@piermont.com writes: I would like to open the floor to *informed speculation* about BULLRUN. Not informed since I don't work for them, but a connect-the-dots: 1. ECDSA/ECDH (and DLP algorithms in general) are incredibly brittle unless you get everything absolutely

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread Phillip Hallam-Baker
Sent from my difference engine On Sep 5, 2013, at 9:22 PM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: John Denker j...@av8n.com writes: To say the same thing the other way, I was always amazed that the Nazis were unable to figure out that their crypto was broken during WWII. There were

Re: [Cryptography] Why human-readable IDs (was Re: Email and IM are ideal candidates for mix networks)

2013-09-05 Thread Peter Gutmann
Perry E. Metzger pe...@piermont.com writes: I can think of no circumstances where I would voluntarily use LDAP as the solution to any problem of any sort. Our direct competitor has asked us to recommend a technology for whatever it is that LDAP is meant to be the solution for. What should we

Re: [Cryptography] Implementations, attacks on DHTs, Mix Nets?

2013-09-05 Thread Peter Gutmann
[Apparently a pile of my mail got dropped, the following few messages are re-sends] The Doctor dr...@virtadpt.net writes: It might be a reasonable way of protecting PGP key information in DNS records so that someone doesn't try inserting their own when it's looked up. And that's the problem

Re: [Cryptography] NSA and cryptanalysis

2013-09-05 Thread Peter Gutmann
John Kelsey crypto@gmail.com writes: If I had to bet, I'd bet on bad rngs as the most likely source of a breakthrough in decrypting lots of encrypted traffic from different sources. If I had to bet, I'd bet on anything but the crypto. Why attack when you can bypass [1]. Peter. [1] From

Re: [Cryptography] Keeping backups (was Re: Separating concerns

2013-09-05 Thread Peter Gutmann
Phillip Hallam-Baker hal...@gmail.com writes: To backup the key we tell the device to print out the escrow data on paper. Let us imagine that there there is a single sheet of paper which is cut into six parts as follows: You read my mind :-). I suggested more or less this to a commercial

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread David Mercer
On Thursday, September 5, 2013, Jerry Leichter wrote: [This drifts from the thread topic; feel free to attach a different subject line to it] On Sep 5, 2013, at 4:41 PM, Perry E. Metzger wrote: 3) I would not be surprised if random number generator problems in a variety of equipment and

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Peter Gutmann
Perry E. Metzger pe...@piermont.com writes: At the very least, anyone whining at a standards meeting from now on that they don't want to implement a security fix because it isn't important to the user experience or adds minuscule delays to an initial connection or whatever should be viewed with

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread Richard Clayton
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 In message 52291a36.9070...@av8n.com, John Denker j...@av8n.com writes To say the same thing the other way, I was always amazed that the Nazis were unable to figure out that their crypto was broken during WWII. There were experiments they could

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Perry E. Metzger
On Fri, 06 Sep 2013 13:50:54 +1200 Peter Gutmann pgut...@cs.auckland.ac.nz wrote: Perry E. Metzger pe...@piermont.com writes: Does that make them NSA plants? There's drafts for one or two more fairly basic fixes to significant problems from other people that get stalled forever, while the

Re: [Cryptography] Suite B after today's news

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 6:16 PM, Dan McDonald dan...@kebe.com wrote: Consider the Suite B set of algorithms: AES-GCM AES-GMAC IEEE Elliptic Curves (256, 384, and 521-bit) Traditionally, people were pretty confident in these.

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Peter Gutmann
Perry E. Metzger pe...@piermont.com writes: I'm aware of the randomness issues for ECDSA, but what's the issue with ECDH that you're thinking of? It's not just randomness, it's problems with DLP-based crypto in general. For example there's the scary tendency of DLP-based ops to leak the private

Re: [Cryptography] tamper-evident crypto? (was: BULLRUN)

2013-09-05 Thread Charles Jackson
On Thu, Sep 5, 2013 at 9:18 PM, Peter Gutmann pgut...@cs.auckland.ac.nzwrote: To say the same thing the other way, I was always amazed that the Nazis were unable to figure out that their crypto was broken during WWII. There were experiments they could have done, such as sending out a few

Re: [Cryptography] Suite B after today's news

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 7:15 PM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: Jon Callas j...@callas.org writes: My opinion about GCM and GMAC has not changed. I've never been a fan. Same here. AES is, as far as we know, pretty secure, so any

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 7:01 PM, Peter Gutmann pgut...@cs.auckland.ac.nz wrote: Perry E. Metzger pe...@piermont.com writes: I'm aware of the randomness issues for ECDSA, but what's the issue with ECDH that you're thinking of? It's not just

Re: [Cryptography] Suite B after today's news

2013-09-05 Thread Peter Gutmann
Jon Callas j...@callas.org writes: My opinion about GCM and GMAC has not changed. I've never been a fan. Same here. AES is, as far as we know, pretty secure, so any problems are going to arise in how AES is used. AES-CBC wrapped in HMAC is about as solid as you can get. AES-GCM is a design or

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jerry Leichter
The actual documents - some of which the Times published with few redactions - are worthy of a close look, as they contain information beyond what the reporters decided to put into the main story. For example, at

Re: [Cryptography] Suite B after today's news

2013-09-05 Thread Peter Gutmann
Jon Callas j...@callas.org writes: How do you feel (heh, I typoed that as feal) about the other AEAD modes? If it's not a stream cipher and doesn't fail catastrophically with IV reuse then it's probably as good as any other mode. Problem is that at the moment modes like AES-CTR are being

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 7:31 PM, Jerry Leichter leich...@lrw.com wrote: Another interesting goal: Shape worldwide commercial cryptography marketplace to make it more tractable to advanced cryptanalytic capabilities being developed by NSA/CSS.

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jerry Leichter
On Sep 5, 2013, at 10:19 PM, Jon Callas wrote: I don't disagree by any means, but I've been through brittleness with both discrete log and RSA, and it seems like only a month ago that people were screeching to get off RSA over to ECC to avert the cryptocalypse. And that the ostensible

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jerry Leichter
Another interesting goal: Shape worldwide commercial cryptography marketplace to make it more tractable to advanced cryptanalytic capabilities being developed by NSA/CSS. ... This makes any NSA recommendation *extremely* suspect. As far as I can see, the bit push NSA is making these

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 8:02 PM, Jerry Leichter leich...@lrw.com wrote: Perhaps it's time to move away from public-key entirely! We have a classic paper - Needham and Schroeder, maybe? - showing that private key can do anything public key can; it's

Re: [Cryptography] Email and IM are ideal candidates for mix networks

2013-09-05 Thread Bill Frantz
On 8/25/13 at 8:32 PM, leich...@lrw.com (Jerry Leichter) wrote: *The* biggest headache is HTTP support. Even the simplest modern HTTP server is so complex you can never be reasonably sure it's secure (though, granted, it's simpler than a browser!) You'd want to stay simple and primitive.

[Cryptography] Can you backdoor a symmetric cipher (was Re: Opening Discussion: Speculation on BULLRUN)

2013-09-05 Thread Perry E. Metzger
On Thu, 5 Sep 2013 23:24:54 -0400 Jerry Leichter leich...@lrw.com wrote: They want to buy COTS because it's much cheap, and COTS is based on standards. So they have two contradictory constraints: They want the stuff they buy secure, but they want to be able to break in to exactly the same

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 8:24 PM, Jerry Leichter leich...@lrw.com wrote: Another interesting goal: Shape worldwide commercial cryptography marketplace to make it more tractable to advanced cryptanalytic capabilities being developed by NSA/CSS. ...

Re: [Cryptography] Can you backdoor a symmetric cipher (was Re: Opening Discussion: Speculation on BULLRUN)

2013-09-05 Thread Jon Callas
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sep 5, 2013, at 9:33 PM, Perry E. Metzger pe...@piermont.com wrote: It is probably very difficult, possibly impossible in practice, to backdoor a symmetric cipher. For evidence, I direct you to this old paper by Blaze, Feigenbaum and

Re: [Cryptography] Opening Discussion: Speculation on BULLRUN

2013-09-05 Thread John Kelsey
On Thu, 5 Sep 2013 19:14:53 -0400 John Kelsey crypto@gmail.com wrote: First, I don't think it has anything to do with Dual EC DRGB. Who uses it? It did *seem* to match the particular part of the story about a subverted standard that was complained about by Microsoft researchers. I

[Cryptography] Fwd: NYTimes.com: N.S.A. Foils Much Internet Encryption

2013-09-05 Thread james hughes
The following is from a similar list in Europe. Think this echoes much on this list but has an interesting twist about PFS cipher suites. Begin forwarded message: From: Paterson, Kenny [kenny.pater...@rhul.ac.uk] Sent: Friday, September 06, 2013 12:03