[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Additional network security
From: |
Ted Zlatanov |
Subject: |
Re: Additional network security |
Date: |
Sun, 07 Dec 2014 13:28:55 -0500 |
User-agent: |
Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux) |
On Sun, 07 Dec 2014 18:45:25 +0100 Lars Magne Ingebrigtsen <address@hidden>
wrote:
LMI> Ted Zlatanov <address@hidden> writes:
>> How about extending the GnuTLS priority string to also specify the NSM
>> level, DH bits, etc? So the user would say "NORMAL:NSM(medium,dh=1024)"
>> and we'd cut out all the NSM bits before passing it on to GnuTLS. If
>> there's nothing in the priority string, we'd look at
>> `network-security-level', that would be the out-of-the-box use case.
LMI> I'm not sure we need to allow this to be customised at this fine-grained
LMI> level. Does Firefox allow that, for instance?
No.
>> RC4 should be disallowed on medium IMO. I *think* it already is
>> disallowed in the default GnuTLS priority string.
LMI> There are prominent web sites that only offer RC4, most famously the
LMI> video streams from Youtube. (Because Google.)
OK, I see.
Ted
- Additional network security, Lars Magne Ingebrigtsen, 2014/12/05
- Re: Additional network security, Stefan Monnier, 2014/12/05
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/06
- Re: Additional network security, Stefan Monnier, 2014/12/06
- Re: Additional network security, Stephen J. Turnbull, 2014/12/07
- Re: Additional network security, Ted Zlatanov, 2014/12/07
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/07
- Re: Additional network security, Ted Zlatanov, 2014/12/07
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/07
- Re: Additional network security,
Ted Zlatanov <=
- Re: Additional network security, chad, 2014/12/07
- Re: Additional network security, Reiner Steib, 2014/12/18
- Re: Additional network security, Ted Zlatanov, 2014/12/20
- Re: Additional network security, Stephen J. Turnbull, 2014/12/07
- Re: Additional network security, Richard Stallman, 2014/12/07
- Re: Additional network security, Ted Zlatanov, 2014/12/08
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/08
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/08
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/08
- Re: Additional network security, Lars Magne Ingebrigtsen, 2014/12/08