Re: running openssl dhparam in %post

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 09/17/2015 09:07 PM, Daniel Pocock wrote:

> For reSIProcate 1.10.0, we will support PFS on TLS connections, this
> requires a DH parameters file to be generated on each installation of
> the package.

Why is forward secrecy with ECDHE not good enough?  For that, you won't
need to generate DH parameters at all.

-- 
Florian Weimer / Red Hat Product Security
--
packaging mailing list
packaging@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/packaging




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite Forum]     [KDE Users]

  Powered by Linux