[Cryptography] People should turn on PFS in TLS (was Re: Fwd: NYTimes.com: N.S.A. Foils Much Internet Encryption)

Daniel Veditz dveditz at mozilla.com
Fri Sep 6 13:15:40 EDT 2013

On 9/6/2013 9:52 AM, Raphaël Jacquot wrote:
> To meet today’s PCI DSS crypto standards DHE is not required.

PCI is about credit card fraud. Mastercard/Visa aren't worried that
criminals are storing all your internet purchase transactions with the
hope they can crack it later; if the FBI/NSA want your CC number they
can get it by asking.

-Dan Veditz

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130906/cdf8698b/attachment.bin>

More information about the cryptography mailing list