On 13-10-2014 16:23, Jim Starkey wrote: > Why on earth would someone authenticate with SRP then drop in TLS?
... > SRP/RC4 is robust, efficient, secure, and provides perfect forward > security. TLS is none of these. I am not so sure about the security of RC4: http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx Mark -- Mark Rotteveel ------------------------------------------------------------------------------ Comprehensive Server Monitoring with Site24x7. Monitor 10 servers for $9/Month. Get alerted through email, SMS, voice calls or mobile push notifications. Take corrective actions from your mobile device. http://p.sf.net/sfu/Zoho Firebird-Devel mailing list, web interface at https://lists.sourceforge.net/lists/listinfo/firebird-devel
