Hi,

> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> I've a bunch of nits below. The only non-nit is whether or
> not this has recently been compared to bettercrypto.org.
> Doing so again would be a fine thing if not.

I went through the document provided by bettercrypto, although I could invest only so much time.
Primary differences:

* Their application scenario is slightly different - limited to business devices and openssl on the one hand, extended to all interfacing services and "common services" on the other. Compatibility is an explicit concern. They recommend several different cipher strings and assess them by their strength.
* Furthermore, they include opportunistic security explicitly for SMTP and similar protocols. We do not do that.
* They recommend PFS algorithms, as do we.
* They include Elliptic Curve algorithms, but in the openssl string they are in a position after normal DHE. Our document prefers ECDHE, then DHE.
* Their view on AES-GCM and SHA2 is similar to ours. They do add CAMELLIA as a cipher.
* They also rule out RC4 and MD5.
* From the document, one can tell that they are suspicious of DSA at 1024 bit - this is the same in our document.

Their document is very nice as it includes sample configurations for many setups.

Ralph
_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
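An added example, not part of the thread and not code from either document: a small Python audit that parses OpenSSL-style cipher suite names and checks an ordered cipher list against the preferences Ralph lists above (PFS only, ECDHE ahead of DHE, RC4 and MD5 ruled out, CAMELLIA flagged as outside the draft's recommendation). The two cipher lists are constructed samples for illustration, not either document's actual cipher strings.

```python
"""Audit an ordered OpenSSL-style cipher list against the preferences stated in the thread."""

# Constructed sample orderings (illustrative, not taken from either document).
# DRAFT_STYLE follows "ECDHE, then DHE"; OTHER_STYLE puts DHE first, adds CAMELLIA and RC4-MD5.
DRAFT_STYLE = [
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
]
OTHER_STYLE = [
    "DHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-CAMELLIA256-SHA",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "RC4-MD5",
]


def parse_suite(name):
    """Split an OpenSSL suite name into key exchange, bulk cipher and MAC/PRF tokens."""
    parts = name.split("-")
    # A leading ECDHE/DHE token marks a PFS key exchange; otherwise it is static RSA key transport.
    kx = parts[0] if parts[0] in ("ECDHE", "DHE") else "RSA"
    mac = parts[-1]
    body = parts[1:-1] if kx != "RSA" else parts[:-1]
    # Drop the authentication token (RSA/ECDSA) that follows the key-exchange token.
    cipher = "-".join(p for p in body if p not in ("RSA", "ECDSA"))
    return {"kx": kx, "cipher": cipher, "mac": mac}


def audit(suites):
    """Return policy findings for an ordered cipher list; an empty list means compliant."""
    findings = []
    parsed = [parse_suite(s) for s in suites]
    for name, p in zip(suites, parsed):
        if "RC4" in p["cipher"] or p["mac"] == "MD5":
            findings.append(f"forbidden: {name}")        # ruled out by both documents
        elif p["kx"] == "RSA":
            findings.append(f"no-pfs: {name}")            # static RSA offers no forward secrecy
        if "CAMELLIA" in p["cipher"]:
            findings.append(f"not-recommended: {name}")  # bettercrypto adds it, the draft does not
    # Preference order: the first ECDHE suite must come before the first DHE suite.
    first = {}
    for i, p in enumerate(parsed):
        first.setdefault(p["kx"], i)
    if "ECDHE" in first and "DHE" in first and first["DHE"] < first["ECDHE"]:
        findings.append("order: DHE listed before ECDHE")
    return findings


if __name__ == "__main__":
    for label, suites in (("draft-style", DRAFT_STYLE), ("other-style", OTHER_STYLE)):
        print(label, audit(suites) or "compliant")
```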