[Cryptography] People should turn on PFS in TLS

Perry E. Metzger perry at piermont.com
Fri Sep 6 14:11:48 EDT 2013


On Fri, 6 Sep 2013 18:56:51 +0100 Ben Laurie <ben at links.org> wrote:
> The problem is that there's nothing good [in the way of ciphers]
> left for TLS < 1.2.

So, let's say in public that the browser vendors have no excuse left
for not going to 1.2.

I hate to be a conspiracy nutter, but it is that kind of week. Anyone
at a browser vendor resisting the move to 1.2 should be viewed with
deep suspicion.

(Heck, if they're not on the government's payroll, then shame on them
for retarding progress for free. They should at least be charging. And
yes, I'm aware many of the people resisting are probably doing so
without realizing they're harming internet security, but we can no
longer presume that is the motive.)

Chrome handles 1.2; there is no longer any real excuse for the others
not to do the same.

Perry
-- 
Perry E. Metzger		perry at piermont.com

