Re: [openssl-dev] A question DH parameter generation and usage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

You can re-use the keys, but then you get no forward secrecy, and sessions generated with one connection are vulnerable to another.

 

Why are you using DH?  Unless you have compelling reasons (interop with legacy), you really should use ECDHE.

 

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux