Re: DH Group Exchange Fallback

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On 25 September 2017 at 02:32, Mark D. Baushke <mdb@xxxxxxxxxxx> wrote:
> [+CC Loganaden Velvindron <logan@xxxxxxxxxx>] primary author of
> the RFC 4419 refresh draft.

https://datatracker.ietf.org/doc/draft-lvelvindron-curdle-dh-group-exchange/ ?

Tangent: has any consideration been given to increasing the maximum
allowed beyond 8192 bits (which is below the current NIST
recommendation for 256 bits of security)?  Last time I looked OpenSSL
supported 10k bits out of the box so it probably wouldn't be hard to
support that in OpenSSH.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860  37F4 9357 ECEF 11EA A6FA (new)
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux