[Cryptography] People should turn on PFS in TLS
ben at links.org
Fri Sep 6 13:56:51 EDT 2013
On 6 September 2013 18:24, Perry E. Metzger <perry at piermont.com> wrote:
> On Fri, 6 Sep 2013 18:18:05 +0100 Ben Laurie <ben at links.org> wrote:
> > On 6 September 2013 18:13, Perry E. Metzger <perry at piermont.com>
> > wrote:
> > > Google is also now (I believe) using PFS on their connections, and
> > > they handle more traffic than anyone. A connection I just made to
> > > https://www.google.com/ came out as, TLS 1.2, RC4_128, SHA1,
> > > ECDHE_RSA.
> > >
> > > It would be good to see them abandon RC4 of course, and soon.
> > >
> > In favour of what, exactly? We're out of good ciphersuites.
> I thought AES was okay for TLS 1.2? Isn't the issue simply that
> Firefox etc. still use TLS 1.0? Note that this was a TLS 1.2
Apart from its fragility, AES-GCM is still OK, yes. The problem is that
there's nothing good left for TLS < 1.2.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography