undefined | Better HN

0 pointsdeathanatos7y ago0 comments

Assume that non-PFS ciphersuites had remained in TLS: You still have to trust the endpoint to not negotiate a PFS ciphersuite.

0 comments

Yes, but a failure to do so would be considered a compromise, as opposed to a simple network failure.

j / k navigate · click thread line to collapse

0 pointsdeathanatos7y ago0 comments

Assume that non-PFS ciphersuites had remained in TLS: You still have to trust the endpoint to not negotiate a PFS ciphersuite.

Yes, but a failure to do so would be considered a compromise, as opposed to a simple network failure.

j / k navigate · click thread line to collapse