Does openssl server always choose highest TLS version offered?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 18/11/2015 00:25, Salz, Rich wrote:
>
> ?I have seen rumors (nothing reliable) that the TLS WG is proposing
> to disable a whole lot of good cipher suites in TLS 1.3.
>
> Well, it?s pretty easy to verify.  Look at the IETF TLS-WG web page, 
> and get a pointer to the current draft doc.
>
> Yes, TLS removes non-AEAD ciphers, and has only PFS key exchange.
>
>
What I have seen of AEAD ciphers, they tend to be designed
right "at the margin" in terms of security, compared to
traditional combinations of one MAC algorithm with a
different encryption algorithm, where the different
algorithms tend to protect each other against many attacks.

The recent NSA notes on post-suite B and quantum-resistant
algorithms reminds us that all of the PFS key exchanges (DH
and ECDH) available are vulnerable to decryption of
wiretapped (recorded) transmissions once a real quantum
computer is built by anyone.  So are the other public key
exchange algorithms in TLS, but not the PSK algorithms
without PFS.

Enjoy

Jakob
-- 
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 S?borg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux