tls

  1. J

    Amazon Releases New Open Source Implementation of TLS Protocol

    More: http://www.securityweek.com/amazon-releases-new-open-source-implementation-tls-protocol Just a server implementation, as far as I can tell, not a client implementation. Still, good news.
  2. lbft

    Mozilla announces the death of unencrypted HTTP

    https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/ Mozilla has posted an announcement to their security blog that they are deprecating plain HTTP without encryption. They plan to do that by: Presumably nothing will happen until after Let's Encrypt's free certs are...
  3. texteditor

    Might wanna recompile or patch that OpenSSL, buddy (4/7/2014)

    http://heartbleed.com/ http://blog.cloudflare.com/staying-ahead-of-openssl-vulnerabilities https://access.redhat.com/security/cve/CVE-2014-0160 https://www.openssl.org/news/secadv_20140407.txt OpenSSL's TLS ~1.0.1 through 1.0.2+ has a leak in the heatbeat extension that can cause private key...
  4. T

    TLS 1.2: AES_128_GCM or AES_256_CBC for better security?

    Hi, I want to set up a ssl server with best security. I can force my friends to use browsers with TLS support. For now, Chrome support AES_128_GCM and AES_256_CBC with TLS 1.2. What cipher should I choose? Are there any diffrence on 128 bits and 256 bits in this case?
Top