> I find that Firefox refuses to do any ephemeral ciphers whatsoever. What the
> heck? Why am I surprised. Somebody paid them.
>
> If you follow Schnieder, elliptic curve is not an option.
>
> I know you guys are severely underfunded, but is there any chance that
> lattice encryption will be c
On 18/12/2017 22:35, Colony.three via openssl-users wrote:
>> PS, Jakob I'm getting on your email: "This email has failed its
>> domain's authentication requirements. It may be spoofed or improperly
>> forwarded!"
>> The reason is: HEADER_FROM_DIFFEREN
PS, Jakob I'm getting on your email: "This email has failed its domain's
authentication requirements. It may be spoofed or improperly forwarded!"
The reason is: HEADER_FROM_DIFFERENT_DOMAINS,T_DKIM_INVALID--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/op
.
> For your information, I actually tracked down the original report
> about this (and posted some corrections in a comment to the
> researcher):
>
> - This was not HP's keyboard driver. This was Synaptics' touch
> pad driver (SynTP.sys).
Never said it is HP's driver. But understand, that it
>> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users
>> openssl-users@openssl.org wrote:
>>
>>> Hear about the HP keylogging case recently? Do you think a keylogger is
>>> actually used in testing of a keyboard driver, in practice?
>>>
>
> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users
> openssl-users@openssl.org wrote:
>
>> Hear about the HP keylogging case recently? Do you think a keylogger is
>> actually used in testing of a keyboard driver, in practice?
>>
>> Yes.
>>
&g
> Colony.three via openssl-users wrote:
>
>> I've set mine to test this comprehensively. (Apache and NginX) With
>> Apache Firefox -ignores- server-prescribed ciphers and chooses an EC.
>> NginX does properly prevail with the algo. Was this an accident, Apache?
> Have you submitted a bug report for Apache (not honouring server config
> cipher order) if one doesn't exist?
That never works.
> As for resistant to quantum computers, given the current aim is for systems
> that can calculate things that would currently take the age of the universe
> to cal
> - FF [claims it does
> DHE/EDH](https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.mozilla.org_Security_Server-5FSide-5FTLS-23Intermediate-5Fcompatibility-5F.28default.29&d=DwMGaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=XJoX203uiiC98n6L2888TI9zC37FTWeD7taNoV50GDE&s=v0qGxpAFrqv
>> Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are
>> using X25519 which was developed by Dan Bernstein.
>
> FF [claims it does
> DHE/EDH](https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29),
> but it does not actually, in prac
> - I find that Firefox refuses to do any ephemeral ciphers whatsoever. What
> the heck? Why am I surprised. Somebody paid them.
>
> I don’t know what server you are testing against, but FF does ECDHE all the
> time with no problems.
I should have said, "I find that Firefox refuses to do any
I find that Firefox refuses to do any ephemeral ciphers whatsoever. What the
heck? Why am I surprised. Somebody paid them.
If you follow Schnieder, elliptic curve is not an option.
I know you guys are severely underfunded, but is there any chance that lattice
encryption will be coming soon?
12 matches
Mail list logo
