>
> http://stackoverflow.com/questions/10378066/which-algorithm-is-stronger-for-tls-aes-256-or-camellia-256
>
> which says:
>
> The reasoning is contained in the NSS library source code and is somewhat
> convoluted, but it has nothing to do with security. It has to do with a
> desire to suppo
On Wed, Feb 13, 2013 at 12:52 PM, Peter Gutmann wrote:
> active use of ECC suites on the public Internet is practically nonexistent
>
That's not entirely accurate; try www.google.com.
Bodo
___
cryptography mailing list
cryptography@randombit.net
http://l
>
> Isn't this a self-signature?
>
Oh, in this case it's a self-signature. Werner, the problem (aka feature)
is that expiry according to self-signatures isn't carried forward into
third-party certification signatures -- so if an attacker gets hold of the
(not-so-)private key, the attacker can just
On Thu, Feb 16, 2012 at 12:05 PM, Werner Koch wrote:
> You are right that RFC4880 does not demand that the key expiration date
> is put into a hashed subpacket. But not doing so would be stupid.
>
I call it a "protocol failure", you call it "stupid", but Jon calls it a
"feature" (http://articl
On Mon, Oct 3, 2011 at 5:42 PM, Marsh Ray wrote:
> At the risk of feeding the conspiracy angle, I note that there is only one
> stream cipher for SSL/TLS (RC4). All the others in common use are CBC modes,
> with that same predictable IV weakness as IPsec (i.e. BEAST). There are no
> DHE cipher suit