[Top] [All Lists]

Re: [ietf-smtp] When using TLS, would randomizing the order of the EHLO response be helpful?

2013-03-21 10:24:44
John C Klensin wrote:
(Btw -- unless your enemy is the NSA or its non-US equivalents,
cryptanalysis is the least of your worries.  Hacking in is so
much easier.)


The references were exceptionally useful, thank you. I wasn't aware of the earlier RC4 work in Japan.

Deprecating RC4 was already part of the plan, although the interoperability issues in the SMTP space are quite different from the browser space: there are still millions of Exchange Servers out there whose only viable ciphers are RC4 and 3DES. And despite all the advances in CPU power over the years, 3DES is still expensive.

The idea of reordering the EHLO response was always a kludge, but I was still curious if it was a statistically interesting kludge.

ietf-smtp mailing list