Re: [TLS] Security today

To: Mike <mike-list at pobox.com>
Subject: Re: [TLS] Security today
From: Eric Rescorla <ekr at networkresonance.com>
Date: Fri, 28 Mar 2008 18:08:04 -0700
Cc: "tls at ietf.org" <tls at ietf.org>
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <47ED520E.80309 at pobox.com>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <47EC2A75.2050303 at pobox.com> <0685A6ED2CB5D245B49DD0B07C3636CC2A8D543BC7 at NA-EXMSG-C104.redmond.corp.microsoft.com> <47EC57A2.4030109 at pobox.com> <47ED2BAB.2070508 at canola-jones.com> <47ED520E.80309 at pobox.com>
Sender: tls-bounces at ietf.org
User-agent: Wanderlust/2.15.5 (Almost Unreal) Emacs/22.1 Mule/5.0 (SAKAKI)

At Fri, 28 Mar 2008 13:16:14 -0700,
Mike wrote:
> 
> > (In a struggle to bring the thread back to tls-relevance...)
> 
> In my opinion, this is very relevant to TLS.  TLS is being
> mis-used so badly, that security is unnecessarily horrible.
> TLS itself is not bad, but if (when) something bad happens,
> it will be blamed for being insecure.  You don't want that
> to happen.
> 
> I think that it's become necessary for the TLS WG to put
> together a document with hard numbers in it for key lengths,
> relative strengths, expected lifetime for data protected by
> those keys/lengths/algorithms.

RFC 3766.

-Ekr
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Security today
  - From: Mike

References:
- [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Michael Howard
- Re: [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Rodney Thayer
- Re: [TLS] Security today
  - From: Mike

Prev by Date: Re: [TLS] Security today
Next by Date: Re: [TLS] Security today
Previous by thread: Re: [TLS] Security today
Next by thread: Re: [TLS] Security today
Index(es):
- Date
- Thread

Re: [TLS] Security today

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.