[Wikimedia-l] Disinformation regarding perfect forward secrecy for HTTPS
Anthony
wikimail at inbox.org
Sat Aug 3 02:23:58 UTC 2013
On Fri, Aug 2, 2013 at 10:07 PM, Anthony <wikimail at inbox.org> wrote:
>
> Anthony wrote:
>> >
>> > How much padding is already inherent in HTTPS?
>>
>> None, which is why Ryan's Google Maps fingerprinting example works.
>>
>
> Citation needed.
>
Also please address
https://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Padding
It seems that the ciphers which run in CBC mode, at least, are padded.
Wikipedia currently seems to be set to use RC4 128. I'm not sure what, if
any, padding is used by that cipher. But presumably Wikipedia will switch
to a better cipher if Wikimedia cares about security.
More information about the Wikimedia-l
mailing list