Seriously there are smart people saying that the problem weakdh points out is that DH groups aren’t randomized. >HEADDESK<
-
-
Replying to @tqbf
@tqbf@matthew_d_green OTOH, why wouldn't you generate your own high-bit-count params now? Seems like it would buy time for quantum defense.1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@matthew_d_green This to me is like the argument that you should cascade AES and Threefish in case AES is broken.1 reply 0 retweets 1 like -
Replying to @tqbf
@tqbf@matthew_d_green I guess it depends on how prone to hyperbole one is, doesn't it?1 reply 0 retweets 0 likes -
Replying to @BRIAN_____
@BRIAN_____@matthew_d_green Me:fairly so. Do you really think random 2048 bit moduli will stop any realistic attack?1 reply 0 retweets 0 likes -
Replying to @tqbf
@tqbf@matthew_d_green When it is so easy to do, I'd rather use my own parameters than think about whether I should trust ones handed to me.2 replies 0 retweets 1 like -
Replying to @BRIAN_____
@BRIAN_____@matthew_d_green For static server config I understand the logic, but seems like slippery slope to horrible negotiation protos.1 reply 0 retweets 1 like
@tqbf @matthew_d_green Yep. That's why I refused to add any new TLS_DHE_* cipher suites in Firefox, and why Safari dropped them completely.
-
-
Replying to @BRIAN_____
@BRIAN_____@tqbf@matthew_d_green And we are trying to remove in Chrome entirely.@davidben__ is driving that. only so many changes at once0 replies 2 retweets 4 likesThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.