----- Original Message -----
> From: "Damien Miller" <djm@xxxxxxxxxxx>
> To: "Hubert Kario" <hkario@xxxxxxxxxx>
> Cc: "mancha" <mancha1@xxxxxxxx>, openssh-unix-dev@xxxxxxxxxxx
> Sent: Tuesday, 18 February, 2014 4:53:42 AM
> Subject: Re: 3des cipher and DH group size
>
> On Mon, 17 Feb 2014, Hubert Kario wrote:
>
> > > I choose standards and objective guidelines over your personal
> > > definitions of "relatively secure" and "normal person".
> >
> > The standards say quite explicitly: iff 3DES => 2k DH. iff AES-128 => 3k
> > DH.
> > They don't say if SHA-1 MAC => 7k DH.
> >
> > But that's what current code is doing.
> >
> > FIPS (it even has "Standard" in the name) says that we shouldn't use
> > DH with keys over 3072 bits, ever. Why aren't you following it?
>
> FIPS always lags good practice. E.g. permitting single DES until 2007.

I was trying to show that even when you "choose standards" you still have a lot of space for interpretation, not to mention you have to choose which standards you want to follow, as more often than not, they are incompatible with each other.

--
Regards,
Hubert Kario
BaseOS QE Security team
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
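An added example (not code from the thread or from OpenSSH) of the two sizing rules the thread argues about: requesting a DH group-exchange modulus from the cipher's security strength per the NIST SP 800-57 comparable-strength table, versus from the longest raw key length among the negotiated cipher and MAC. The algorithm parameters, the function names and the "longest key wins" rule are this example's own assumptions.

```python
# Added example, not OpenSSH's own code. Shows why sizing a DH group by raw
# key lengths (cipher key and MAC key) lands hmac-sha1 on a ~7k-bit group,
# while sizing by the cipher's security strength gives the 2k/3k groups the
# standards table lists for 3DES and AES-128.

# Constructed parameter table (bits). 3DES: 168-bit key, 112-bit strength
# (NIST SP 800-57). "security" is the comparable symmetric strength.
CIPHERS = {
    "3des-cbc":   {"key": 168, "security": 112},
    "aes128-ctr": {"key": 128, "security": 128},
    "aes256-ctr": {"key": 256, "security": 256},
}
# MAC key lengths as commonly used in SSH (hash output size).
MACS = {
    "hmac-md5":      {"key": 128},
    "hmac-sha1":     {"key": 160},
    "hmac-sha2-256": {"key": 256},
}


def modulus_bits_for(security_bits: int) -> int:
    """NIST SP 800-57 table: symmetric strength -> finite-field DH modulus."""
    if security_bits <= 80:
        return 1024
    if security_bits <= 112:
        return 2048
    if security_bits <= 128:
        return 3072
    if security_bits <= 192:
        return 7680
    return 15360


def group_bits_by_strength(cipher: str) -> int:
    """Size the group from the cipher's security strength only (the rule
    the thread attributes to 'the standards')."""
    return modulus_bits_for(CIPHERS[cipher]["security"])


def group_bits_by_key_length(cipher: str, mac: str) -> int:
    """Size the group from the longest raw key among cipher and MAC (an
    assumed rule that reproduces the 'SHA-1 MAC => 7k DH' effect)."""
    need = max(CIPHERS[cipher]["key"], MACS[mac]["key"])
    return modulus_bits_for(need)


if __name__ == "__main__":
    for c in CIPHERS:
        for m in MACS:
            print(f"{c:11} {m:14} strength->{group_bits_by_strength(c):5}"
                  f"  key-length->{group_bits_by_key_length(c, m):5}")
```

The same AES-128 session asks for a 3072-bit group under the strength rule but a 7680-bit one under the key-length rule as soon as hmac-sha1 is negotiated, which is the discrepancy the quoted message points at.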