[Cryptography] What TLS ciphersuites are still OK?

Ben Laurie ben at links.org
Tue Sep 10 09:03:32 EDT 2013


On 10 September 2013 03:59, james hughes <hughejp at mac.com> wrote:

>
> On Sep 9, 2013, at 2:49 PM, Stephen Farrell <stephen.farrell at cs.tcd.ie>
> wrote:
>
> On 09/09/2013 05:29 PM, Ben Laurie wrote:
>
> Perry asked me to summarise the status of TLS a while back ... luckily I
> don't have to because someone else has:
>
> http://tools.ietf.org/html/draft-sheffer-tls-bcp-00
>
> In short, I agree with that draft. And the brief summary is: there's only
> one ciphersuite left that's good, and unfortunately its only available in
> TLS 1.2:
>
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
>
> I retract my previous "+1" for this ciphersuite. This is hard coded 1024
> DHE and 1024bit RSA.
>

It is not hard coded to 1024 bit RSA. I have seen claims that some
platforms hard code DHE to 1024 bits, but I have not investigated these
claims. If true, something should probably be done.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130910/8d3b99cf/attachment.html>


More information about the cryptography mailing list