[Ach] forward secrecy
azet at azet.org
Fri Nov 15 06:35:48 CET 2013
I’ve added a short paragraph on forward secrecy to the paper and a short explaination what cipher suites actually are.
On 15 Nov 2013, at 05:33, Aaron Zauner <azet at azet.org> wrote:
> I think we should include a short paragraph on forward secrecy. Often when I talk to administrators they do not know what FS is. Since keys can be supeanoed, stolen or hacked this has become a very real issue (think lavabit - the guy wasn’t aware of forward secrecy or the implications of traffic being stored over a long period of time - every communication can now easily be decrypted by gov. agencies since he had to supply the key for his SSL setup). A couple of years ago I myself would have labeled most people as paranoid for suggesting such a thing - although technically possible I didn’t believe that anyone would hoard such amounts of data for such a long time. And I was not alone thinking this way, I spoke to many security people over the years and many agreed that this would be infiseable. Well - It might be, but since goverments rather spend money on huge datacenters and graph analysis of massive amounts of data than proper healthcare that turned out to be a false assumption.
> Aaron <Tinfoilhat>
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Ach