NIST has weighed in on how to use TLS: http://tools.ietf.org/html/rfc6460 I am n... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		benblack on March 12, 2013 \| parent \| context \| favorite \| on: RC4 is kind of broken in TLS NIST has weighed in on how to use TLS: http://tools.ietf.org/html/rfc6460 I am not aware of any proposed attacks on the approved cipher suites that are anywhere near feasible. TLS deployment is far behind known best practice. We should do something about that.

jessaustin on March 12, 2013 [–]

For sure! I was responding more to the lament that TLS is different from e.g. SHA3. As I see it, this difference is inevitable.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact