Re: [TLS] Security today

To: tls at ietf.org
Subject: Re: [TLS] Security today
From: Mike <mike-list at pobox.com>
Date: Sat, 29 Mar 2008 10:31:10 -0700
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <20080329172441.435281CCE10 at kilo.rtfm.com>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <47EC2A75.2050303 at pobox.com> <8E5D6D9B-C7CC-4687-9BD5-586856D3A9C7 at checkpoint.com> <47ED921E.9050305 at pobox.com> <E52894BF-D52F-464F-8E61-23335E93A3FF at checkpoint.com> <47EE70BB.3000205 at pobox.com> <20080329165734.252F71CCCAD at kilo.rtfm.com> <47EE792D.4080307 at pobox.com> <20080329172441.435281CCE10 at kilo.rtfm.com>
Sender: tls-bounces at ietf.org
User-agent: Thunderbird 2.0.0.12 (Windows/20080213)

>>> 3. The major servers support ephemeral DH, as do many clients.
>> This is where you are wrong.  Here is a list of servers that will
>> not negotiate DHE_RSA with any of AES128, AES256, or DES3:
> 
> I'm talking about the implementations, not the server operators. 
> The server operators have chosen not to turn it on.

And that is precisely why they need a document telling them just
how damaging that choice is.  Which do you think will get more
attention, a whitepaper outlining the dangers of not using DHE
preferentially, written by some random guy named Mike, or the
same paper with the backing of the TLS WG of the IETF Internet
Security area?

Mike
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Security today
  - From: Yoav Nir
- Re: [TLS] Security today
  - From: Eric Rescorla

References:
- [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Yoav Nir
- Re: [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Yoav Nir
- Re: [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Eric Rescorla
- Re: [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Eric Rescorla

Prev by Date: Re: [TLS] Security today
Next by Date: Re: [TLS] Security today
Previous by thread: Re: [TLS] Security today
Next by thread: Re: [TLS] Security today
Index(es):
- Date
- Thread

Re: [TLS] Security today

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.