Am 06.09.2013 23:31, schrieb D. Hugh Redelmeier: > | From: Reindl Harald <h.reindl@xxxxxxxxxxxxx> > | Date: Sat, 24 Aug 2013 11:38:21 +0200 > > | https://bugzilla.redhat.com/show_bug.cgi?id=3D319901 > | > | looks like Redhat based systems are the only remaining > | which does not support EECDHE which is a shame these > | days in context of PRISM and more and more Ciphers > | are going to be unuseable (BEAST/CRIME weakness) > > It might be the case that the NSA has their fingers in these ECC > standards. > > Here's a Schneier article worth reading: > <http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance> > > In it, he recommends (among many other things): > > Prefer conventional discrete-log-based systems over elliptic-curve > systems; the latter have constants that the NSA influences when > they can. > > It could be (by accident) that Fedora is more secure due to patents! it could be that RHEL/Fedora fail every security audit in the near future *that* is proven and sure, the above not!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
