On Mon, Nov 04, 2013 at 01:45:12PM -0500, Ethan Gruber wrote: > NSA broke it already Very funny but untrue. While it is certainly possible to create an insecure TLS certificate, for all we know it is not true that TLS has been broken in general. It is still one of the most usable protections against eavesdropping and is still recommended by independent encryption expert Bruce Schneier [1] and the Press Freedom Foundation [2], among others. In a recent recommendation, the BSI (the German federal office for IT security) recommended TLS 1.2 with Perfect Forward Security [3] for all HTTPS setups. I am sure it would be beneficial for code4lib.org, too. Cheers, Christian Bielefeld University Library, Germany References: [1] http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance [2] https://pressfreedomfoundation.org/encryption-works [3] http://www.pro-linux.de/news/1/20333/bsi-empfiehlt-tls-12-mit-perfect-forward-secrecy.html