Re: RFC7919 Diffie-Hellman parameters in Fedora


 



On Fri, 2020-08-21 at 16:13 +0200, Christopher Engelhard wrote:
> Hi,
> tl;dr should we make it easier/automatic for users to use the 
> Diffie-Hellman parameters defined in RFC7919?

We already are making it easier in some ways, but feel free to open a
bug if there are specific components you are worried about.

Simo.

> For a long time, the general recommendation for Finite-Field 
> Diffie-Hellman Ephemeral Parameters (FFDHE, for use with 
> non-elliptic-curve DH, i.e. the dhparam-file many server configs ask us 
> to specify) used in TLS was to generate your own. However, RFC7919 
> specifies fixed, auditable parameters with lengths of 2048-8102 bits 
> [1], Mozilla has switched their recommendation from 'generate your own' 
> to 'use ffdhe2048' [2] and IIRC TLSv3 mandates their use.
> 
> The main advantages of using them are a) since they're fixed & well-defined, 
> they can be and are audited, b) clients don't have to check whether 
> parameters they're given by a server are legit or meddled with 
> (something that usually any client program would have to but few 
> actually do).
> 
> So, questions:
> 1) do we already ship these groups somewhere, e.g. via a package that I 
> don't know about? If not, should we maybe add one?
> 2) Many programs either ship their own dhparam files (on my systems at 
> least proftpd, certbot & openssh, via the moduli file) or expect the 
> user to point them to one (like webservers, dovecot, postfix etc.) + 
> some for sure hardcode some defaults if the user does not specify 
> parameters. Would it make sense to change their defaults - if possible - 
> to use (one of the) RFC7919 groups? One could even integrate this with 
> crypto-policies, if at some point one wants to e.g. change the desired 
> group size.
> 
> Best,
> Christopher
> 
> [1] https://tools.ietf.org/html/rfc7919
> [2] https://wiki.mozilla.org/index.php?title=Security/Server_Side_TLS
> _______________________________________________
> devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
> Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx

-- 
Simo Sorce
RHEL Crypto Team
Red Hat, Inc
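
The "fixed, auditable" property raised in the quoted message can be checked directly: RFC 7919 Appendix A.1 defines ffdhe2048 by a formula, so the prime can be regenerated and compared with whatever group a peer or a dhparam file supplies. This is an added example, not code from this thread or from any Fedora package; the function names are hypothetical, and the constant 560316 and generator 2 are the ffdhe2048 values from RFC 7919.

```python
# Added example: rebuild ffdhe2048 from the formula in RFC 7919 Appendix A.1
#   p = 2^b - 2^(b-64) + (floor(2^(b-130) * e) + X) * 2^64 - 1,   g = 2
# with b = 2048 and X = 560316 (e is the base of the natural logarithm).
BITS, X, GENERATOR = 2048, 560316, 2

def floor_e_times_pow2(shift, guard=64):
    """floor(e * 2**shift) via e = sum(1/k!), integers only, with guard bits."""
    term = 1 << (shift + guard)   # 1/0!, scaled
    total, k = 0, 0
    while term:
        total += term
        k += 1
        term //= k                # next scaled term, 1/k!
    return total >> guard

def ffdhe_prime(bits, x):
    e_part = floor_e_times_pow2(bits - 130)
    return (1 << bits) - (1 << (bits - 64)) + ((e_part + x) << 64) - 1

def is_probable_prime(n, bases=(2, 3, 5, 7, 11, 13, 17, 19)):
    """Miller-Rabin with fixed bases (chosen here for repeatable output)."""
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        y = pow(a, d, n)
        if y in (1, n - 1):
            continue
        for _ in range(s - 1):
            y = pow(y, 2, n)
            if y == n - 1:
                break
        else:
            return False          # a is a witness: n is composite
    return True

def is_safe_prime(p):
    """True when both p and (p - 1) / 2 pass the primality test."""
    return is_probable_prime(p) and is_probable_prime((p - 1) // 2)

FFDHE2048_P = ffdhe_prime(BITS, X)

def audit_group(p, g):
    """True only if the offered (p, g) is exactly the ffdhe2048 group."""
    return p == FFDHE2048_P and g == GENERATOR
```

A caller would parse the prime and generator out of the server's key exchange message or a dhparam file and pass them to `audit_group`; anything else falls back to whatever custom-group validation the client implements.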


