Re: stunnel 5.46 released

> On May 31, 2018, at 12:09 AM, Michal Trojnara <Michal.Trojnara@xxxxxxxxxxx> wrote:
> 
> I respectfully disagree.  The only practical disadvantage of kRSA is
> that it doesn't provide PFS.  Losing PFS is bad, but it's not a huge
> price for ensuring secure key exchange.

There's an assumption here that DHE key exchange is not secure,
while ECDHE is secure.  That assumption is wrong.  Only export
grade DHE was shown weak in logjam.  OpenSSL no longer accepts
weak DHE keys.  There are also weak ECDSA curves that old
implementations would accept; there's nothing fundamentally
better (performance aside) about ECDHE vs. DHE.  Indeed
some trust DHE more because the keys are larger and perhaps
more resistant to QC, and the mathematics is better understood
(less bleeding edge than elliptic curves).

I expect there are still plenty of LTS RedHat systems that
ship without EC support, though yes, anything reasonably
up to date will have EC support.

Ultimately, of course, it's up to you and your users.  I think I've
made my case as well as I could.  Good luck.

-- 
	Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
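The policy question in the thread (static RSA key exchange vs. the forward-secret DHE/ECDHE suites) can be checked against a live OpenSSL build with Python's `ssl` module. This is an added example, not code from the thread or from stunnel; the two cipher strings and the function names are constructed for illustration, and the `kea` field read from `SSLContext.get_ciphers()` is OpenSSL's own key-exchange label (`kx-rsa`, `kx-dhe`, `kx-ecdhe`, `kx-any` for TLS 1.3).

```python
"""Cipher-suite policy check: keep DHE and ECDHE, drop kRSA (no forward secrecy)."""
import ssl

# TLS 1.3 suites report key exchange "kx-any" because TLS 1.3 is always
# ephemeral; they are outside the kRSA vs. (EC)DHE discussion, so skip them.
TLS13_KX = {"kx-any"}


def build_context(cipher_string: str) -> ssl.SSLContext:
    """Client context with the given OpenSSL cipher string and TLS >= 1.2."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if nothing matches
    return ctx


def key_exchanges(cipher_string: str) -> set:
    """Key-exchange algorithms OpenSSL reports for the enabled TLS 1.2 suites."""
    ctx = build_context(cipher_string)
    return {c["kea"] for c in ctx.get_ciphers()} - TLS13_KX


def has_static_rsa_kx(cipher_string: str) -> bool:
    """True if any enabled suite still uses static RSA key exchange (kRSA)."""
    return "kx-rsa" in key_exchanges(cipher_string)


# Constructed "before" policy: everything non-anonymous, including kRSA suites,
# where one recovered server private key decrypts every recorded session.
WEAK_POLICY = "ALL:!aNULL:!eNULL"

# Constructed forward-secret policy in the spirit of the reply above: both DHE
# and ECDHE stay (modern OpenSSL already refuses export-grade, logjam-sized DH
# groups), kRSA is removed explicitly.
PFS_POLICY = "ECDHE+AESGCM:DHE+AESGCM:ECDHE+CHACHA20:DHE+CHACHA20:!kRSA:!aNULL"

if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("pfs", PFS_POLICY)):
        print(f"{name:5} kx={sorted(key_exchanges(policy))} "
              f"static_rsa={has_static_rsa_kx(policy)}")
```

The same check is useful for auditing a server-side cipher string before deployment: if `kx-rsa` shows up, a later key compromise exposes recorded traffic.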
