RE: ISSUE-128: Strong / weak algorithms? [Techniques]

NIST has an online PDF document dated 2005:
"Guidelines for the Selection and Use of Transport Layer Security (TLS)

At the end they have a table of recommended TLS server cypher suites
that I took a snapshot and attach herewith. I think that we could
consider the as "strong suites" (=combination of publi key + symmetric
key + key lengths).

One problem is that the selection criteria includes only FIPS-approved
algorithms (a requirements for governmental use) which excludes RC4 and
IDEA which can be cryptographically strong too.

-----Original Message-----
From: []
On Behalf Of Web Security Context Working Group Issue Tracker
Sent: den 11 oktober 2007 13:48
Subject: ISSUE-128: Strong / weak algorithms? [Techniques]

ISSUE-128: Strong / weak algorithms? [Techniques]

Raised by: Thomas Roessler
On product: Techniques

The current text includes a placeholder for strong TLS alorithms,
intended to be filled by reference.  What do we put there?

Received on Thursday, 11 October 2007 14:03:20 UTC