Fedora/Redhat and perfect forward secrecy

Florian Weimer fweimer at redhat.com
Mon Sep 9 10:55:02 UTC 2013

On 09/09/2013 11:58 AM, Andrew Haley wrote:
> On 09/07/2013 12:52 AM, Gregory Maxwell wrote:
>> Regardless, I think that argument would be an ignorant one:
>> Approximately no one runs non-ECDH PFS on the web: it's insanely slow
>> and it breaks clients.
> Hmm.  Isn't non-ECDH PFS just straight integer (mod N) Diffie-Hellman?

Yes, it is.

> And that's what is insanely slow?

I don't get it, either.

Florian Weimer / Red Hat Product Security Team

More information about the devel mailing list