Mailing List Archive
tlug.jp Mailing List tlug archive tlug Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Good Overview Of What Is Still Secure?
- Date: Wed, 11 Sep 2013 11:24:38 +0900 (JST)
- From: "Nikolay Elenkov" <email@example.com>
- Subject: Re: [tlug] Good Overview Of What Is Still Secure?
- References: <522D26F5.firstname.lastname@example.org> <email@example.com>
- User-agent: SquirrelMail/1.4.8-2.el4.centos4
Stephen J. Turnbull writes: > Darren Cook writes: > > > > Any suggestions for a good, up to date article that describes what is > > potentially compromised, and what is still secure? > > Not off hand. The RISKs folks, Bruce Schneier's blog, stuff like that > would be where I'd look. > Also this http://blog.cryptographyengineering.com/2013/09/on-nsa.html, the whole blog is worth reading. BTW, crypto wars are now also fought on Twitter, so follow the usual suspects there to get latest news/opinions in 140 chars or less. The jury is still out on most things, but NIST-approved EC curves are suspect, advice is to use alternative curves like Curve25519 and Curve1174 or avoid ECDH in favour of 'old-school' DH (i.e., discrete logarithm based). Not known what the problem(s) with TLS might be, but deploying forward secrecy sounds like a good idea, but see https://www.imperialviolet.org/2013/06/27/botchingpfs.html
- Re: [tlug] Good Overview Of What Is Still Secure?
- From: Darren Cook
Home | Main Index | Thread Index
- Prev by Date: [tlug] Good Overview Of What Is Still Secure?
- Next by Date: Re: [tlug] Good Overview Of What Is Still Secure?
- Previous by thread: [tlug] Good Overview Of What Is Still Secure?
- Next by thread: Re: [tlug] Good Overview Of What Is Still Secure?
Home Page Mailing List Linux and Japan TLUG Members Links