[Ach] 8.5.1 key exchange -- feedback, please!
azet at azet.org
Wed Nov 20 18:36:34 CET 2013
On 20 Nov 2013, at 17:56, christian mock <cm at coretec.at> wrote:
> On Wed, Nov 20, 2013 at 03:23:16PM +0100, Adi Kriegisch wrote:
>> I just started with the section about choosing your own cipher suite. The
>> idea is to first explain key exchange, authentication, encryption and
>> message authentication a little and give hints about good/bad algorithms.
>> Then move on to discuss how to select -- based on that knowledge -- cipher
>> suites in openssl syntax and what limitations a user/sysadmin may have to
>> deal with.
>> How do you like this structure? ...the content of section 8.5.1? ...and the
>> layout of that section?
> regarding the
> TODO: Team: do we need references for all cipher suites considered weak?
I think we should include such references!
> What about a single reference indicating that key lengths <112 (or
> whatever) are considered evil?
> The "key exchange" section looks complete, but it needs much more
> clarity, especially since this is very complicated. And what does the
> colorful table show? ;-)
> Christian Mock Wiedner Hauptstr. 15
> Senior Security Engineer 1040 Wien
> CoreTEC IT Security Solutions GmbH +43-1-5037273
> FN 214709 z
> CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
> Ach mailing list
> Ach at lists.cert.at
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
More information about the Ach