Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

What is best for security in regulated fields and what is mandated or forbidden for security in regulated fields are often almost disjoint sets.

Anyway, whether your phone has trouble coming up with the entropy, or preforming the math, you should probably be using something more substantial.



You're suggesting that people should pick a different phone so they can get PFS with the small fraction of SSL servers that support it?


I'm suggesting that if for some reason a site thinks that that sort of security is necessary, they shouldn't change their mind for the sake of people using their telephones.

Particularly since at the current rate of development, the average phone will be able to do it just fine in a few months.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: