@BRIAN_____ Also, Microsoft supports GCM only in combination with ECDSA, which is a bother.
-
-
-
@ivanristic MSIE would have to change regardless to do this. Know anybody at MS that would be interested in https://briansmith.org/browser-ciphersuites-01.html …? - 2 more replies
New conversation -
-
-
@BRIAN_____ do all the major browsers do GCM?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@BRIAN_____ Good idea, but not all servers will support GCM, or even SHA256 or SHA384 suites. NetScaler, IIRC.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@BRIAN_____@ivanristic Unsure I understand proposal, but some servers reject handshake if ciphersuites aren't defined for target version. -
@ericlaw@BRIAN_____ ...and browsers downgrade. We're discussing how to detect when a MITM forces a downgrade by simulating a faulty server.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.