Mailing List Archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] Good Overview Of What Is Still Secure?

>>  > Any suggestions for a good, up to date article that describes what is
>>  > potentially compromised, and what is still secure?
>> Not off hand.  The RISKs folks, Bruce Schneier's blog, stuff like that
>> would be where I'd look.
> Also this,
> the whole blog is worth reading.
> ...

Thanks (and to Stephen).

I spent some time yesterday working through these; also the slashdot
thread [1].
I got a good idea, but the dust on the conclusions hasn't settled yet
(e.g. the imperialviolet page says how much better ECDHE is than DHE,
but the "EC" is the elliptic curves that hackers might have a compromise


(I found this useful for pointing out that the CAs don't get the private
keys, it is all kept browser-side, and also that a man-in-the-middle
attack would be too easily noticed.)

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links