On Mon, Sep 9, 2013 at 11:46 AM, Paul Wouters wrote:
> [not speaking for Red Hat]
> You seem to believe only valid legal claims can put Red Hat in court.
Of course not.
Though I'm not aware of anyone making any claims at all over basic
non-specially optimized ECDH on prime fields. Perhaps RedHat
On Mon, 9 Sep 2013, Gregory Maxwell wrote:
I am certainly not ignoring legal concerns. While there are some
patented EC cryptographic techniques, the basic infrastructure
including ECDH over prime fields was first published back in 1984 and
is not patentable.
The IETF has published an extensive
On Mon, Sep 9, 2013 at 9:12 AM, Paul Wouters wrote:
> For the client, clearly CPU is not the limiting factor. For regular TLS
> servers, this should also not matter. For fully loaded TLS servers or
> TLS accelerators, the factor 3 on the CPU load will matter, but we're
> talking clusters of machin
Am 09.09.2013 18:12, schrieb Paul Wouters:
> On Mon, 9 Sep 2013, Reindl Harald wrote:
>>> I don't get it, either
>>
>> google "dhe versus ecdhe performance"
>>
>> http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
Let’s focus on the server part. Enabling DHE-RSA-AES128-SH
much support forward secrecy in a way *nobody* else on this
planet is supporting it and so you repsonse below is uneducated - period
Ignoring the obvious legal (and now potential backdoor) problems with
ECC is also not very educated.
Paul
---- Original-Nachricht ----
Betreff: Re: Fedora/
much support forward secrecy in a way *nobody* else on this
planet is supporting it and so you repsonse below is uneducated - period
Original-Nachricht
Betreff: Re: Fedora/Redhat and perfect forward secrecy
Datum: Mon, 26 Aug 2013 11:07:29 +0200
Von: Florian Weimer
An: Development discuss
On 09/09/2013 11:58 AM, Andrew Haley wrote:
On 09/07/2013 12:52 AM, Gregory Maxwell wrote:
Regardless, I think that argument would be an ignorant one:
Approximately no one runs non-ECDH PFS on the web: it's insanely slow
and it breaks clients.
Hmm. Isn't non-ECDH PFS just straight integer (mo
On 09/07/2013 12:52 AM, Gregory Maxwell wrote:
> Regardless, I think that argument would be an ignorant one:
> Approximately no one runs non-ECDH PFS on the web: it's insanely slow
> and it breaks clients.
Hmm. Isn't non-ECDH PFS just straight integer (mod N) Diffie-Hellman?
And that's what is in
On Fri, Sep 6, 2013 at 2:31 PM, D. Hugh Redelmeier wrote:
> | From: Reindl Harald
> | Date: Sat, 24 Aug 2013 11:38:21 +0200
>
> | https://bugzilla.redhat.com/show_bug.cgi?id=3D319901
> |
> | looks like Redhat based systems are the only remaining
> | which does not support EECDHE which is a shame
| From: Reindl Harald
| Date: Sat, 24 Aug 2013 11:38:21 +0200
| https://bugzilla.redhat.com/show_bug.cgi?id=3D319901
|
| looks like Redhat based systems are the only remaining
| which does not support EECDHE which is a shame these
| days in context of PRISM and more and more Ciphers
| are going
On Mon, Aug 26, 2013 at 04:57:15PM +0200, Reindl Harald wrote:
> >
> > Not Found
> >
> > The requested URL /roller/blog/entry/enable_elliptical_curve_diffie_hellman
> > was not found on this server.
> >
> >> http://www.theverge.com/2013/6/26/4468050/facebook-follows-google-with-tough-encryption
On Mon, Aug 26, 2013 at 04:57:15PM +0200, Reindl Harald wrote:
>
>
> Am 26.08.2013 16:24, schrieb Chuck Anderson:
> > On Mon, Aug 26, 2013 at 11:17:52AM +0200, Reindl Harald wrote:
> >> cause and effect
> >> because Fedora does *not* support Ciphers without large performance impacts
> >>
> >> in
Am 26.08.2013 16:24, schrieb Chuck Anderson:
> On Mon, Aug 26, 2013 at 11:17:52AM +0200, Reindl Harald wrote:
>> cause and effect
>> because Fedora does *not* support Ciphers without large performance impacts
>>
>> in reality without ECDHE you have no way
>> go to https://www.ssllabs.com/ssltest/
On Mon, Aug 26, 2013 at 11:17:52AM +0200, Reindl Harald wrote:
> cause and effect
> because Fedora does *not* support Ciphers without large performance impacts
>
> in reality without ECDHE you have no way
> go to https://www.ssllabs.com/ssltest/ and look at the client-handshakes
> practically no c
Am 26.08.2013 13:26, schrieb Jan-Frode Myklebust:
> On Mon, Aug 26, 2013 at 11:07:29AM +0200, Florian Weimer wrote:
>> On 08/24/2013 11:38 AM, Reindl Harald wrote:
>>> https://bugzilla.redhat.com/show_bug.cgi?id=319901
>>>
>>> looks like Redhat based systems are the only remaining
>>> which does
Am 26.08.2013 11:07, schrieb Florian Weimer:
> On 08/24/2013 11:38 AM, Reindl Harald wrote:
>> https://bugzilla.redhat.com/show_bug.cgi?id=319901
>>
>> looks like Redhat based systems are the only remaining
>> which does not support EECDHE which is a shame these
>> days in context of PRISM and mo
On Mon, Aug 26, 2013 at 11:07:29AM +0200, Florian Weimer wrote:
> On 08/24/2013 11:38 AM, Reindl Harald wrote:
> >https://bugzilla.redhat.com/show_bug.cgi?id=319901
> >
> >looks like Redhat based systems are the only remaining
> >which does not support EECDHE which is a shame these
> >days in conte
On 08/24/2013 11:38 AM, Reindl Harald wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=319901
looks like Redhat based systems are the only remaining
which does not support EECDHE which is a shame these
days in context of PRISM and more and more Ciphers
are going to be unuseable (BEAST/CRIME we
https://bugzilla.redhat.com/show_bug.cgi?id=319901
looks like Redhat based systems are the only remaining
which does not support EECDHE which is a shame these
days in context of PRISM and more and more Ciphers
are going to be unuseable (BEAST/CRIME weakness)
___
19 matches
Mail list logo
