[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [ws-dd] Issue 110 - DPWS - Support for TLS_RSA_WITH_RC4_128_SHA
For small embedded devices, it is important that at least one stream cipher be available, to avoid requiring devices to fully buffer a TLS fragment (which can be up to 16 kbytes) before encryption/decryption. Are there alternatives to RC4 that are both better from the cryptographic point of view and widely enough supported (in particular by the main browsers) to be usable in devices? Cheers Antoine Ram Jeyaraman a écrit : > > This issue is assigned the number 110. For further discussions on this > issue, please refer to this issue number or use this thread. > > *From:* Dave Whitehead [mailto:david@lexmark.com] > *Sent:* Thursday, December 11, 2008 1:46 PM > *To:* Ram Jeyaraman > *Subject:* NEW Issue: 111 > > > > > Please defer discussions on this issue until a time this issue is > accepted and is assigned a number > > http://www.oasis-open.org/apps/org/workgroup/ws-dd/download.php/29655/wsdd-dpws-1.1-spec-wd-02.docx > > > PDF line 1160 > > Requires support for TLS_RSA_WITH_RC4_128_SHA which is, > cryptographically speaking, broken. > > Proposed Solution: Require TLS_RSA_WITH_AES_128_CBC_SHA256. We can > then remove the statement about the recommended ciphersuite. > > > David H. Whitehead > Development Engineer > Lexmark International, Inc. > 859.825.4914 > davidatlexmarkdotcom > > ------------------------------------------------------------------------ > > > Internal Virus Database is out of date. > Checked by AVG - http://www.avg.com > Version: 8.0.176 / Virus Database: 270.9.11/1820 - Release Date: 29/11/2008 18:52 > >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]