%% how about: >= 2048 bits for RSA
%% >= 256 bits for ECC?
-\subsection{Recommendations based on currently available information}
-
-Configuration A:
-strong ciphers, fewer users
-
-MACs: Do not use SHA1. Why? XXX insert literature . BSI/ ENISA page XXX
-Chaining mode: CTR, GCM, CCM (in this order). XXX add reference to literature XXX
-ciphers: XXX add reference to literature XXX
-Key Exchange: ECDHE\_RSA, DHE\_RSA, ECDHE\_ECDSA, (be careful about DH parameters . We want > 2048 bits) XXX FIXME: why? references to literature XXX
-
-
-\subsubsection{Configuration B}
-weaker ciphers, more users.
-
-
-MACs: SHA1: allowed
-Chaining mode: GCM, CCM, CBC.
-ciphers: XXX add reference to literature XXX
-Key Exchange: ECDHE\_RSA, DHE\_RSA, ECDHE\_ECDSA, (be careful about DH parameters . We want > 2048 bits)