[Ach] Firefox 27.0 now supports TLS 1.1 and 1.2

Aaron Zauner azet at azet.org
Thu Feb 6 22:44:31 CET 2014


Ah. makes sense. Mea culpa.

Still ECDSA operations will be a lot faster than RSA. But that kind of
business impact for the sake of security can (and probably should) be
tolerated for now.

Aaron


On Thu, Feb 6, 2014 at 10:41 PM, Kurt Roeckx <kurt at roeckx.be> wrote:

> On Thu, Feb 06, 2014 at 10:19:42PM +0100, Aaron Zauner wrote:
> > Well. Not true. You can get AES-GCM also with non-ephemeral handshakes.
> >
> > ECDSA is prefered because the computational overhead is very small in
> > comparison to DHE (which none of the larger web platforms will use,
> because
> > it'll kill their servers with serious real-life traffic at hand). Didn't
> I
> > say so a couple of months back? Nobody will use DHE and people will
> > complain on the list (as they did)  :)
>
> I think he's talkign about ECDHE_ECDSA before ECDHE_RSA, not ECDHE
> before DHE.
>
>
> Kurt
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140206/973d1cf9/attachment.html>


More information about the Ach mailing list