[Ach] 8.5.1 key exchange -- feedback, please!
cm at coretec.at
Wed Nov 20 17:56:50 CET 2013
On Wed, Nov 20, 2013 at 03:23:16PM +0100, Adi Kriegisch wrote:
> I just started with the section about choosing your own cipher suite. The
> idea is to first explain key exchange, authentication, encryption and
> message authentication a little and give hints about good/bad algorithms.
> Then move on to discuss how to select -- based on that knowledge -- cipher
> suites in openssl syntax and what limitations a user/sysadmin may have to
> deal with.
> How do you like this structure? ...the content of section 8.5.1? ...and the
> layout of that section?
TODO: Team: do we need references for all cipher suites considered weak?
What about a single reference indicating that key lengths <112 (or
whatever) are considered evil?
The "key exchange" section looks complete, but it needs much more
clarity, especially since this is very complicated. And what does the
colorful table show? ;-)
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
More information about the Ach