Closed Bug 798943 Opened 13 years ago Closed 11 years ago

Prefer (require?) PFS cipher suites for DTLS-SRTP

Categories

(Core :: WebRTC: Networking, defect, P3)

x86
macOS

RESOLVED DUPLICATE of bug 1052610

People

(Reporter: ekr, Assigned: ekr)

Details

(Whiteboard: [WebRTC] [blocking-webrtc-])

We should prefer PFS cipher suites.
Whiteboard: [WebRTC] [blocking-webrtc+]
Does this really block preffing on?
Assignee: nobody → ekr
Priority: -- → P3
Flags: needinfo?(ekr)
I don't think it blocks preffing on. I believe we already choose them.
Flags: needinfo?(ekr)
Whiteboard: [WebRTC] [blocking-webrtc+] → [WebRTC] [blocking-webrtc-]
(In reply to Eric Rescorla (:ekr) from comment #0)
> We should prefer PFS cipher suites.

This seems like a reasonable idea. But, I am curious about the reasoning. Is there a particular reason that PFS is especially important for DTLS-SRTP?
Martin, this is fixed, right?
Flags: needinfo?(martin.thomson)
I think so, but we were blocked on Chrome. See bug 996237 for the original; but I can't find the Chromium bug (which should have landed).
Depends on: 996237
Bug 1052610 has already landed the code for this. Now that Chrome finally supports ECDHE properly, we can remove the #ifdef 0 guards.
Status: NEW → RESOLVED
Closed: 11 years ago
Flags: needinfo?(martin.thomson)
Resolution: --- → DUPLICATE
Oh, and I should note, that change *requires* PFS, it's not a mere preference (something we have from NSS anyway).