[Ach] Firefox 27.0 now supports TLS 1.1 and 1.2

Aaron Zauner azet at azet.org
Thu Feb 6 22:44:31 CET 2014

Ah. makes sense. Mea culpa.

Still ECDSA operations will be a lot faster than RSA. But that kind of
business impact for the sake of security can (and probably should) be
tolerated for now.


On Thu, Feb 6, 2014 at 10:41 PM, Kurt Roeckx <kurt at roeckx.be> wrote:

> On Thu, Feb 06, 2014 at 10:19:42PM +0100, Aaron Zauner wrote:
> > Well. Not true. You can get AES-GCM also with non-ephemeral handshakes.
> >
> > ECDSA is prefered because the computational overhead is very small in
> > comparison to DHE (which none of the larger web platforms will use,
> because
> > it'll kill their servers with serious real-life traffic at hand). Didn't
> I
> > say so a couple of months back? Nobody will use DHE and people will
> > complain on the list (as they did)  :)
> I think he's talkign about ECDHE_ECDSA before ECDHE_RSA, not ECDHE
> before DHE.
> Kurt
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140206/973d1cf9/attachment.html>

More information about the Ach mailing list