[Cryptography] forward-secrecy >=2048-bit in legacy browser/servers? (Re: RSA equivalent key length/strength)

[Peter Gutmann]

Adam Back <adam at cypherspace.org> writes:

>Is there a possibility with RSA-RSA ciphersuite to have a certified RSA
>signing key, but that key is used to sign an RS key negotiation?

Yes, but not in the way you want.  This is what the 1990s-vintage RSA export
ciphersuites did, but they were designed so you couldn't use them to provide
strong security.

>I imagine that ciphersuite is widely disabled at this point.

That'd be the other problem :-).

Peter.