Fedora/Redhat and perfect forward secrecy

D. Hugh Redelmeier hugh at mimosa.com
Fri Sep 6 21:31:02 UTC 2013

| From: Reindl Harald <h.reindl at thelounge.net>
| Date: Sat, 24 Aug 2013 11:38:21 +0200

| https://bugzilla.redhat.com/show_bug.cgi?id=3D319901
| looks like Redhat based systems are the only remaining
| which does not support EECDHE which is a shame these
| days in context of PRISM and more and more Ciphers
| are going to be unuseable (BEAST/CRIME weakness)

It might be the case that the NSA has their fingers in these ECC

Here's a Schneier article worth reading:

In it, he recommends (among many other things):

    Prefer conventional discrete-log-based systems over elliptic-curve
    systems; the latter have constants that the NSA influences when
    they can.

It could be (by accident) that Fedora is more secure due to patents!

More information about the devel mailing list