[Cryptography] RC4 again (actual security, scalability and other discussion)
Nico Williams
nico at cryptonector.com
Tue Mar 11 19:14:03 EDT 2014
On Tue, Mar 11, 2014 at 5:29 PM, Nico Williams <nico at cryptonector.com> wrote:
> Of course, we're still missing DHE ciphersuites with ECC DH and modern
> ciphers/modes. Hmmm.
Sigh. I meant, TLS_ECDH_anon_WITH_AES_xxx_GCM_SHAxxx and other such
ciphersuites.
I.e., you can't do anon ECDH in TLS and get a modern cipher with a
modern cipher mode and modern PRF. This has been mentioned a few
times. I've just asked the TLS WG about it. The registry has
codepoints reserved for allocation via Standards Action and
Specification Required, so I ought to be able to register these
missing ciphersuites with an individual submission I-D with intended
status Informational. I'll do so soon. But I'm giving the WG a
chance to say they want it as a WG work item.
Nico
--
More information about the cryptography
mailing list