Displaying 2 results from an estimated 2 matches for "rertain".
Did you mean:
certain
2018 Dec 19
1
How to configure Dovecot to disable NIST's curves and still rertain EECDH?
My opinion is that security by RFC is not security, it's mommy medicine.
Standards have had a terrible time keeping up with security realities.
NITS's curves leak side channel information all over the place. I don't
have details on what implementations are set to calculate the NIST
curves in constant time, and that's not an easy feat to do anyway so I
don't want to depend
2018 Dec 19
1
How to configure Dovecot to disable NIST's curves and still rertain EECDH?
I am interested in configuring Dovecot's TLS so as to retain forward
secrecy, but eliminate all of NIST's elliptic curves.
Besides being subject to side channel attacks [1], in some quarters
there is a general distrust of NIST's curves and any of their other
cryptographic primitives after the Dual EC DRBG debacle.
>From what I can tell, the following will prevent the use of