[Cryptography] People should turn on PFS in TLS
Ben Laurie
ben at links.org
Fri Sep 6 13:56:51 EDT 2013
On 6 September 2013 18:24, Perry E. Metzger <perry at piermont.com> wrote:
> On Fri, 6 Sep 2013 18:18:05 +0100 Ben Laurie <ben at links.org> wrote:
> > On 6 September 2013 18:13, Perry E. Metzger <perry at piermont.com>
> > wrote:
> >
> > > Google is also now (I believe) using PFS on their connections, and
> > > they handle more traffic than anyone. A connection I just made to
> > > https://www.google.com/ came out as, TLS 1.2, RC4_128, SHA1,
> > > ECDHE_RSA.
> > >
> > > It would be good to see them abandon RC4 of course, and soon.
> > >
> >
> > In favour of what, exactly? We're out of good ciphersuites.
>
> I thought AES was okay for TLS 1.2? Isn't the issue simply that
> Firefox etc. still use TLS 1.0? Note that this was a TLS 1.2
> connection.
>
Apart from its fragility, AES-GCM is still OK, yes. The problem is that
there's nothing good left for TLS < 1.2.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20130906/d8fe703c/attachment.html>
More information about the cryptography
mailing list