[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [TLS] Security today

To: Mike <mike-list@xxxxxxxxx>
Subject: Re: [TLS] Security today
From: Eric Rescorla <ekr@xxxxxxxxxxxxxxxxxxxx>
Date: Fri, 28 Mar 2008 18:08:04 -0700
Cc: "tls@xxxxxxxx" <tls@xxxxxxxx>
Delivered-to: tls@xxxxxxxxxxxxxx
In-reply-to: <47ED520E.80309@xxxxxxxxx>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
References: <47EC2A75.2050303@xxxxxxxxx> <0685A6ED2CB5D245B49DD0B07C3636CC2A8D543BC7@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> <47EC57A2.4030109@xxxxxxxxx> <47ED2BAB.2070508@xxxxxxxxxxxxxxxx> <47ED520E.80309@xxxxxxxxx>
Sender: tls-bounces@xxxxxxxx
User-agent: Wanderlust/2.15.5 (Almost Unreal) Emacs/22.1 Mule/5.0 (SAKAKI)

At Fri, 28 Mar 2008 13:16:14 -0700,
Mike wrote:
> 
> > (In a struggle to bring the thread back to tls-relevance...)
> 
> In my opinion, this is very relevant to TLS.  TLS is being
> mis-used so badly, that security is unnecessarily horrible.
> TLS itself is not bad, but if (when) something bad happens,
> it will be blamed for being insecure.  You don't want that
> to happen.
> 
> I think that it's become necessary for the TLS WG to put
> together a document with hard numbers in it for key lengths,
> relative strengths, expected lifetime for data protected by
> those keys/lengths/algorithms.

RFC 3766.

-Ekr
_______________________________________________
TLS mailing list
TLS@xxxxxxxx
https://www.ietf.org/mailman/listinfo/tls

Follow-Ups:
- Re: [TLS] Security today
  - From: Mike

References:
- [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Michael Howard
- Re: [TLS] Security today
  - From: Mike
- Re: [TLS] Security today
  - From: Rodney Thayer
- Re: [TLS] Security today
  - From: Mike

Prev by Date: Re: [TLS] Security today
Next by Date: Re: [TLS] Security today
Previous by thread: Re: [TLS] Security today
Next by thread: Re: [TLS] Security today
Index(es):
- Date
- Thread