On Fri, Sep 6, 2013 at 5:34 PM, The Doctor <dr...@virtadpt.net> wrote:
> Symmetric cipher RC4 (weak 10/49) > Symmetric key length 128 bits (weak 8/19) > Cert issued by Google, Inc, US SHA-1 with RSA @ 2048 bit (MODERATE 2/6) First time I've heard of 128-bit symmetric called "weak"... Sure, RC4 isn't awesome but they seem to be saying that 128-bit keys per se are weak. > Let's contrast this with ChaosPad: > Symmetric cipher Camellia (STRONG 39/39) > Symmetric key length 256 bits (STRONG 19/19) > Cert issued by CAcert, Inc. SHA-1 with RSA @ 4096 bit (MODERATE 2/6) Without good server authentication, the other stuff doesn't matter. With Chrome, you get key pinning when talking to some sites (including Google sites, Tor, and Twtitter); I'd much rather have that and "only" 128-bit symmetric. Also, I don't know why you weren't getting forward secrecy; check your Firefox configuration. _______________________________________________ The cryptography mailing list cryptography@metzdowd.com http://www.metzdowd.com/mailman/listinfo/cryptography
