[Ach] Firefox 27.0 now supports TLS 1.1 and 1.2
Aaron Zauner
azet at azet.org
Thu Feb 6 22:46:24 CET 2014
Kinda reading/thinking to fast today and a bit distracted by work. Sorry
again for the confusion (I tend to mix up ECDHE and ECDSA in ciphersuites,
goddamn) :)
Aaron
On Thu, Feb 6, 2014 at 10:44 PM, Aaron Zauner <azet at azet.org> wrote:
> Ah. makes sense. Mea culpa.
>
> Still ECDSA operations will be a lot faster than RSA. But that kind of
> business impact for the sake of security can (and probably should) be
> tolerated for now.
>
> Aaron
>
>
> On Thu, Feb 6, 2014 at 10:41 PM, Kurt Roeckx <kurt at roeckx.be> wrote:
>
>> On Thu, Feb 06, 2014 at 10:19:42PM +0100, Aaron Zauner wrote:
>> > Well. Not true. You can get AES-GCM also with non-ephemeral handshakes.
>> >
>> > ECDSA is prefered because the computational overhead is very small in
>> > comparison to DHE (which none of the larger web platforms will use,
>> because
>> > it'll kill their servers with serious real-life traffic at hand).
>> Didn't I
>> > say so a couple of months back? Nobody will use DHE and people will
>> > complain on the list (as they did) :)
>>
>> I think he's talkign about ECDHE_ECDSA before ECDHE_RSA, not ECDHE
>> before DHE.
>>
>>
>> Kurt
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cert.at/pipermail/ach/attachments/20140206/e817a6d9/attachment.html>
More information about the Ach
mailing list