Menu
▾
▴
Re: [Firebird-devel] next steps tls + srp and the boring ssl
|
From: Mark R. <ma...@la...> - 2014-10-15 17:15:16
|
On 13-10-2014 16:23, Jim Starkey wrote: > Why on earth would someone authenticate with SRP then drop in TLS? ... > SRP/RC4 is robust, efficient, secure, and provides perfect forward > security. TLS is none of these. I am not so sure about the security of RC4: http://www.wisdom.weizmann.ac.il/~itsik/RC4/rc4.html http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2868725-recommendation-to-disable-rc4.aspx Mark -- Mark Rotteveel |
