[Ach] 8.5.1 key exchange -- feedback, please!

christian mock cm at coretec.at
Wed Nov 20 17:56:50 CET 2013

On Wed, Nov 20, 2013 at 03:23:16PM +0100, Adi Kriegisch wrote:
> Hi!
> I just started with the section about choosing your own cipher suite. The
> idea is to first explain key exchange, authentication, encryption and
> message authentication a little and give hints about good/bad algorithms.
> Then move on to discuss how to select -- based on that knowledge -- cipher
> suites in openssl syntax and what limitations a user/sysadmin may have to
> deal with.
> How do you like this structure? ...the content of section 8.5.1? ...and the
> layout of that section?

regarding the

TODO: Team: do we need references for all cipher suites considered weak?

What about a single reference indicating that key lengths <112 (or
whatever) are considered evil?

The "key exchange" section looks complete, but it needs much more
clarity, especially since this is very complicated. And what does the
colorful table show? ;-)


Christian Mock                          Wiedner Hauptstr. 15
Senior Security Engineer                1040 Wien
CoreTEC IT Security Solutions GmbH      +43-1-5037273
FN 214709 z

CoreTEC: Web Application Audit - Damit so etwas nicht passiert!



More information about the Ach mailing list