[Cryptography] People should turn on PFS in TLS (was Re: Fwd: NYTimes.com: N.S.A. Foils Much Internet Encryption)

ianG iang at iang.org
Fri Sep 6 15:46:14 EDT 2013

On 6/09/13 20:15 PM, Daniel Veditz wrote:
> On 9/6/2013 9:52 AM, Raphaël Jacquot wrote:
>> To meet today’s PCI DSS crypto standards DHE is not required.
> PCI is about credit card fraud.

So was SSL ;-)  Sorry, couldn't resist...

> Mastercard/Visa aren't worried that
> criminals are storing all your internet purchase transactions with the
> hope they can crack it later; if the FBI/NSA want your CC number they
> can get it by asking.

That's what the crims do to, they ask for all the numbers, they don't 
bother much with SSL.


More information about the cryptography mailing list