On 2010-10-01 3:23 PM, Chris Palmer wrote:
In my quantitative, non-hand-waving, repeated experience with many clients in
many business sectors using a wide array of web application technology
stacks, almost all web apps suffer a network and disk I/O bloat factor of 5,
10, 20, ...
Which does
On 01-10-2010 02:41, Victor Duchovni wrote:
Should we be confident that 4-prime RSA is stronger at 2048 bits than
2-prime is at 1024? At the very least, it is not stronger against ECM
(yes ECM is not effective at this factor size) and while GNFS is not
known to benefit from small factors, is
Thor Lancelot Simon writes:
a significant net loss of security, since the huge increase in computation
required will delay or prevent the deployment of SSL everywhere.
That would only happen if we (as security experts) allowed web developers to
believe that the speed of RSA is the limiting
On Wed, Sep 29, 2010 at 09:22:38PM -0700, Chris Palmer wrote:
Thor Lancelot Simon writes:
a significant net loss of security, since the huge increase in computation
required will delay or prevent the deployment of SSL everywhere.
That would only happen if we (as security experts) allowed
On 09/30/2010 10:41 AM, Thor Lancelot Simon wrote:
On Wed, Sep 29, 2010 at 09:22:38PM -0700, Chris Palmer wrote:
Thor Lancelot Simon writes:
a significant net loss of security, since the huge increase in computation
required will delay or prevent the deployment of SSL everywhere.
That would
On Thu, Sep 30, 2010 at 01:36:47PM -0400, Paul Wouters wrote:
[I wrote]:
Also, consider devices such as deep-inspection firewalls or application
traffic managers which must by their nature offload SSL processing in
order to inspect and possibly modify data
You mean it will be harder for MITM
See below, which includes a handy pointer to the Microsoft and Mozilla
policy statements requiring CAs to cease signing anything shorter than
2048 bits.
As I think I said last week -- was it last week? -- it's my belief that
cutting everything on the Web over to 2048 bits rather than, say, 1280