[Cryptography] People should turn on PFS in TLS (was Re: Fwd: NYTimes.com: N.S.A. Foils Much Internet Encryption)

ianG iang at iang.org
Fri Sep 6 15:46:14 EDT 2013


On 6/09/13 20:15 PM, Daniel Veditz wrote:
> On 9/6/2013 9:52 AM, Raphaël Jacquot wrote:
>> To meet today’s PCI DSS crypto standards DHE is not required.
>
> PCI is about credit card fraud.


So was SSL ;-)  Sorry, couldn't resist...


> Mastercard/Visa aren't worried that
> criminals are storing all your internet purchase transactions with the
> hope they can crack it later; if the FBI/NSA want your CC number they
> can get it by asking.


That's what the crims do to, they ask for all the numbers, they don't 
bother much with SSL.



iang


More information about the cryptography mailing list