On Fri, Aug 16, 2013 at 3:36 PM, Rob Stradling wrote:
>
> Wan-Teh, why do you think Firefox should specify a preference for ECDSA over
> RSA?
Because ECDSA is more secure than RSA, and ECC implementations will
become faster over time.
The ordering of RSA and ECDSA is really a "symbolic gesture"
On 16/08/13 23:05, Wan-Teh Chang wrote:
8. Authentication: RSA before ECDSA
a. RSA before ECDSA : performance
b. DSA last: not in use
... I would prefer ECDSA over RSA for authentication.
Wan-Teh, why do you think Firefox should specify a preference for ECDSA
over RSA?
If a we
On 16/08/13 16:18, Ryan Sleevi wrote:
On Fri, August 16, 2013 6:36 am, Rob Stradling wrote:
On 15/08/13 18:15, Chris Richardson wrote:
I believe this plan would have poor side effects. For example, if Apple
ships clients with a broken ECDSA implementation [0], a server cannot
detect detect i
On Fri, Aug 16, 2013 at 11:13 AM, Camilo Viecco wrote:
> Hello Brian
>
> I think this proposal has 3 sections.
> 1. Unifing SSL behavior on browsers.
> 2. Altering the criteria for cipher suite selection in Firefox (actually
> NSS)
> 3. removing certain cipher suites from the default firefox ciphe
On 8/16/13 11:13 AM, Camilo Viecco wrote:
Hello Brian
I think this proposal has 3 sections.
1. Unifing SSL behavior on browsers.
2. Altering the criteria for cipher suite selection in Firefox
(actually NSS)
3. removing certain cipher suites from the default firefox ciphersuite.
On 1:
I dont s
Hello Brian
I think this proposal has 3 sections.
1. Unifing SSL behavior on browsers.
2. Altering the criteria for cipher suite selection in Firefox (actually
NSS)
3. removing certain cipher suites from the default firefox ciphersuite.
On 1:
I dont see the point, but I am not against.
On 2:
On Fri, August 16, 2013 6:36 am, Rob Stradling wrote:
> On 15/08/13 18:15, Chris Richardson wrote:
> > I believe this plan would have poor side effects. For example, if Apple
> > ships clients with a broken ECDSA implementation [0], a server cannot
> > detect detect if a connecting client is an A
On 15/08/13 18:15, Chris Richardson wrote:
I believe this plan would have poor side effects. For example, if Apple
ships clients with a broken ECDSA implementation [0], a server cannot
detect detect if a connecting client is an Apple product and avoid the use
of ECDSA in that subset of connectio
8 matches
Mail list logo