Robert J. Hansen
rjh at sixdemonbag.org
Wed Jan 25 14:41:10 CET 2017
> This whole banning of SHA-1 and 3DES for public https servers and in
> particular ssllabs' new grades is mostly security theater.
For that matter, I'm still in the dark as to what the big problem with
three-key 3DES is. The best attack against it requires more RAM than
exists in the entire world and only reduces it to 112 bits.
3DES is slow, ungainly, and has been largely replaced by better
ciphers... but *unsafe*?
More information about the Gnupg-users