Perfect Forward Secrecy: Not So Perfect, Not So Forward
Alan Braggins
alan.braggins at gmail.com
Wed Dec 12 17:03:01 GMT 2012
On 11/12/12 20:59, Peter Fairbrother wrote:
> It's been a while since I checked, but I think Google do offer a DHE
> suite - but the client must ask for one, they are not used as default.
The default is now DHE.
http://googleonlinesecurity.blogspot.co.uk/2011/11/protecting-data-for-long-term-with.html
"We are now pushing forward by enabling forward secrecy by default."
http://www.imperialviolet.org/2011/11/22/forwardsecret.html
"Firstly, the preferred cipher suite for most Google HTTPS servers is
ECDHE-RSA-RC4-SHA. If you have a client that supports it, you'll be
using that ciphersuite."
More information about the ukcrypto
mailing list