[Cryptography] What TLS ciphersuites are still OK?

james hughes hughejp at mac.com
Mon Sep 9 17:32:17 EDT 2013


On Sep 9, 2013, at 9:29 AM, Ben Laurie <ben at links.org> wrote:

> Perry asked me to summarise the status of TLS a while back ... luckily I don't have to because someone else has:
> 
> http://tools.ietf.org/html/draft-sheffer-tls-bcp-00
> 
> In short, I agree with that draft. And the brief summary is: there's only one ciphersuite left that's good, and unfortunately it's only available in TLS 1.2:
> 
> TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

+1 

I have read the document and it does not mention key lengths. I would suggest that 2048 bit is large enough for the next ~5? years or so. 2048 bit for both D-H and RSA. How are the key lengths specified? 

