Seriously there are smart people saying that the problem weakdh points out is that DH groups aren’t randomized. >HEADDESK<
@tqbf @matthew_d_green I guess it depends on how prone to hyperbole one is, doesn't it?
-
-
@BRIAN_____@matthew_d_green Me:fairly so. Do you really think random 2048 bit moduli will stop any realistic attack? -
@tqbf@matthew_d_green When it is so easy to do, I'd rather use my own parameters than think about whether I should trust ones handed to me. -
@BRIAN_____@matthew_d_green For static server config I understand the logic, but seems like slippery slope to horrible negotiation protos. -
@tqbf@matthew_d_green Yep. That's why I refused to add any new TLS_DHE_* cipher suites in Firefox, and why Safari dropped them completely. -
@BRIAN_____@tqbf@matthew_d_green And we are trying to remove in Chrome entirely.@davidben__ is driving that. only so many changes at once
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.