Re: [openssl-dev] A question DH parameter generation and usage

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Rich,

Thanks for the reply. We are planning to use  DHE_RSA based ciphers.

Regards
Jaya

On Wed, Dec 6, 2017 at 7:20 PM, Salz, Rich via openssl-users <openssl-users@xxxxxxxxxxx> wrote:

You can re-use the keys, but then you get no forward secrecy, and sessions generated with one connection are vulnerable to another.

 

Why are you using DH?  Unless you have compelling reasons (interop with legacy), you really should use ECDHE.

 


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux