[Cryptography] What TLS ciphersuites are still OK?
hanno at hboeck.de
Mon Sep 9 17:14:31 EDT 2013
On Mon, 9 Sep 2013 17:29:24 +0100
Ben Laurie <ben at links.org> wrote:
> Perry asked me to summarise the status of TLS a while back ...
> luckily I don't have to because someone else has:
> In short, I agree with that draft. And the brief summary is: there's
> only one ciphersuite left that's good, and unfortunately it's only
> available in TLS 1.2:
I don't really see from the document why the authors discourage
ECDHE-suites and AES-256. Both should be okay and we end up with four
Also, DHE should only be considered secure with a large enough modulus
(>=2048 bit). Apache hard-fixes this to 1024 bit and it's not
configurable. So an argument can even be made that ECDHE is more
secure - it doesn't have a widely deployed webserver using it in an
mail/jabber: hanno at hboeck.de
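
The following is an added example, not part of the original message: a Python check of the DHE modulus size a server actually sends, done by parsing the ServerDHParams structure (dh_p, dh_g, dh_Ys, RFC 5246 section 7.4.3) from a ServerKeyExchange body. The sample bodies are constructed, their moduli are not real primes, and all function names are this example's own.

```python
import struct

MIN_DH_BITS = 2048  # threshold named in the message above


def parse_dhe_params(body: bytes):
    """Parse ServerDHParams: three opaque<1..2^16-1> vectors (dh_p, dh_g, dh_Ys).
    Anything after dh_Ys (the signature) is ignored."""
    values, off = [], 0
    for name in ("dh_p", "dh_g", "dh_Ys"):
        if off + 2 > len(body):
            raise ValueError(f"truncated before {name} length")
        (n,) = struct.unpack_from("!H", body, off)
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError(f"bad length {n} for {name}")
        values.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    return tuple(values)


def check(body: bytes):
    """Return (modulus_bits, acceptable). Uses the bit length of p, not the
    byte length of the field, so leading zero padding cannot inflate it."""
    p, _g, _ys = parse_dhe_params(body)
    bits = p.bit_length()
    return bits, bits >= MIN_DH_BITS


def build_params(p: int, g: int, ys: int, p_len=None) -> bytes:
    """Build a constructed ServerDHParams body for the samples below."""
    p_len = p_len or (p.bit_length() + 7) // 8
    vec = lambda v, n: struct.pack("!H", n) + v.to_bytes(n, "big")
    return vec(p, p_len) + vec(g, 1) + vec(ys, p_len)


# Constructed inputs: only the size of p matters for this check.
SAMPLE_1024 = build_params((1 << 1023) | 1, 2, 5)
SAMPLE_2048 = build_params((1 << 2047) | 1, 2, 5)
# 1024-bit modulus zero-padded into a 256-byte field.
SAMPLE_PADDED = build_params((1 << 1023) | 1, 2, 5, p_len=256)

if __name__ == "__main__":
    for label, body in [("1024", SAMPLE_1024), ("2048", SAMPLE_2048),
                        ("padded", SAMPLE_PADDED)]:
        bits, ok = check(body)
        print(f"{label}: dh_p is {bits} bits -> {'ok' if ok else 'too small'}")
```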