On 22/05/2015 08:30, Jeffrey Walton wrote:
> On Fri, May 22, 2015 at 1:55 AM, Jakob Bohm <jb-openssl at wisemo.com> wrote:
>> On 22/05/2015 07:18, Jeffrey Walton wrote:
>>> On Fri, May 22, 2015 at 12:51 AM, Jakob Bohm <jb-openssl at wisemo.com> wrote:
>>>> On 22/05/2015 03:57, Jeffrey Walton wrote:
>>>>>> As an additional change for 1.0.2c or later (no need to
>>>>>> delay the urgent fix), maybe adjust internal operations
>>>>>> to discourage use of hardcoded DH groups for TLS DH (but
>>>>>> NOT for generic DH-like operations such as openssl-based
>>>>>> implementations of SRP).
>>>>> That's going to be tough because standards groups like the TLS WG are
>>>>> actively promoting fully specified, named parameters and curves.
>>>>>
>>>>> See, for example, "Negotiated Finite Field Diffie-Hellman Ephemeral
>>>>> Parameters for TLS",
>>>>> https://tools.ietf.org/html/draft-ietf-tls-negotiated-ff-dhe-09; and
>>>>> the discussion of magic primes at "Re: [TLS] Another IRINA bug in
>>>>> TLS", https://www.ietf.org/mail-archive/web/tls/current/msg16417.html.
>>>>> (The thread is due to the recent attacks on DH).
>>>> The latter thread contains posts from respected experts
>>>> asking not to use fixed parameters for DH...
>>> Well, I'm not sure how much more respected one can get than Daniel
>>> Kahn Gillmore, Stephen Farrell, Eric Recorla; or have better
>>> credentials than practicing cryptographers.
>>>
>>> How high is your bar :)
>> Whom did I say were not highly respected cryptographers?
>> ...
>> I saw no posts in that thread arguing why fixed DH groups
>> would be a good thing.
> That's Gillmor's
> https://tools.ietf.org/html/draft-ietf-tls-negotiated-ff-dhe-09. It's a
> set of fixed DH groups called out by name for use in TLS.
>
> Or are you talking about server certificates with fixed DH parameters?

I was talking about the current post-logjam discussion thread,
not the pre-logjam draft.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded