On Mon, Nov 04, 2013 at 01:45:12PM -0500, Ethan Gruber wrote:
> NSA broke it already
Very funny but untrue. While it is certainly possible to create an
insecure TLS certificate, for all we know it is not true that TLS has
been broken in general.
It is still one of the most usable protections against eavesdropping
and is still recommended by independent encryption expert Bruce
Schneier [1] and the Press Freedom Foundation [2], among others. In a
recent recommendation, the BSI (the German federal office for IT
security) recommended TLS 1.2 with Perfect Forward Security [3] for
all HTTPS setups. I am sure it would be beneficial for code4lib.org,
too.
Cheers,
Christian
Bielefeld University Library, Germany
References:
[1] http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
[2] https://pressfreedomfoundation.org/encryption-works
[3] http://www.pro-linux.de/news/1/20333/bsi-empfiehlt-tls-12-mit-perfect-forward-secrecy.html
|