Re: 2048 bits, damn the electrons! [...@openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

2010-09-30 Thread Chris Palmer
Thor Lancelot Simon writes: a significant net loss of security, since the huge increase in computation required will delay or prevent the deployment of SSL everywhere. That would only happen if we (as security experts) allowed web developers to believe that the speed of RSA is the limiting

[tt] Random numbers created out of nothing

2010-09-30 Thread Eugen Leitl
Right from the snake-oil-security-dept. - Forwarded message from Arlind Boshnjaku arlindboshnj...@yahoo.com - From: Arlind Boshnjaku arlindboshnj...@yahoo.com Date: Thu, 30 Sep 2010 14:48:44 +0200 To: transhumanist news t...@postbiota.org Subject: [tt] Random numbers created out of

Re: 2048 bits, damn the electrons! [...@openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

2010-09-30 Thread Thor Lancelot Simon
On Wed, Sep 29, 2010 at 09:22:38PM -0700, Chris Palmer wrote: Thor Lancelot Simon writes: a significant net loss of security, since the huge increase in computation required will delay or prevent the deployment of SSL everywhere. That would only happen if we (as security experts) allowed

Re: 2048 bits, damn the electrons! [...@openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

2010-09-30 Thread Marsh Ray
On 09/30/2010 10:41 AM, Thor Lancelot Simon wrote: On Wed, Sep 29, 2010 at 09:22:38PM -0700, Chris Palmer wrote: Thor Lancelot Simon writes: a significant net loss of security, since the huge increase in computation required will delay or prevent the deployment of SSL everywhere. That would

Re: 2048 bits, damn the electrons! [...@openssl.org: [openssl.org #2354] [PATCH] Increase Default RSA Key Size to 2048-bits]

2010-09-30 Thread Thor Lancelot Simon
On Thu, Sep 30, 2010 at 01:36:47PM -0400, Paul Wouters wrote: [I wrote]: Also, consider devices such as deep-inspection firewalls or application traffic managers which must by their nature offload SSL processing in order to inspect and possibly modify data You mean it will be harder for MITM

Wrong Direction on Privacy - using NSLs to obtain communication transactional information

2010-09-30 Thread =JeffH
another facet of The Administration's We Hear You efforts.. Wrong Direction on Privacy Susan Landau 2-Aug-2010 http://www.huffingtonpost.com/susan-landau/wrong-direction-on-privac_b_666915.html The White House wants to make it easier for the FBI to get at your email and web browsing records;