Re: Selection of DHE ciphers based on modulus size of DH

On 6/6/2018 12:11 PM, Sanjaya Joshi wrote:
> I understood that when DHE ciphers are tried to be used between two entities, it's only the server that plays a role about selection of the DH parameters. This is not negotiable with the client. For e.g., the server can freely use a very low not-recommended DH group with 512 bit key length and the client cannot deny it.

I'm pretty sure that clients can and do refuse to talk to servers with small DH parameters.

Current OpenSSL isn't willing to connect to a server using a DH key size below 1024 bits.

https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
> To protect OpenSSL-based clients, we’re increasing the minimum accepted DH key size to 768 bits immediately in the next release, and to 1024 bits soon after.

-- 
Jordan Brown, Oracle Solaris
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
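
An added example, not part of the message above and not OpenSSL's code: a sketch of the client-side check the reply refers to, parsing the server-chosen DH parameters and refusing a modulus below a floor. It assumes the TLS 1.2 ServerDHParams layout from RFC 5246 (dh_p, dh_g, dh_Ys, each with a 2-byte length prefix); the function names and the sample inputs are constructed for illustration.

```python
import struct

MIN_DH_BITS = 1024  # floor taken from the reply above; adjust to local policy

class WeakDHError(Exception):
    """The server's DH modulus is smaller than the client accepts."""

def _read_vec16(buf, off):
    """Read one TLS opaque<1..2^16-1> vector: 2-byte big-endian length, then data."""
    if off + 2 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack_from("!H", buf, off)
    off += 2
    if n == 0 or off + n > len(buf):
        raise ValueError("bad vector length")
    return buf[off:off + n], off + n

def parse_server_dh_params(body):
    """Parse dh_p, dh_g, dh_Ys from a ServerKeyExchange body (a trailing signature is ignored)."""
    p, off = _read_vec16(body, 0)
    g, off = _read_vec16(body, off)
    ys, off = _read_vec16(body, off)
    return tuple(int.from_bytes(v, "big") for v in (p, g, ys))

def check_server_dh(body, min_bits=MIN_DH_BITS):
    """Return the modulus size in bits, or raise WeakDHError / ValueError."""
    p, g, ys = parse_server_dh_params(body)
    bits = p.bit_length()  # measure the value: leading zero bytes must not inflate the size
    if bits < min_bits:
        raise WeakDHError(f"DH modulus is {bits} bits, minimum is {min_bits}")
    if not (1 < g < p - 1) or not (1 < ys < p - 1):
        raise ValueError("generator or public value out of range")
    return bits

def _vec16(data):
    return struct.pack("!H", len(data)) + data

def make_sample(bits, pad=0):
    """Constructed input: a modulus with exactly `bits` bits (not a real prime), g=2, Ys=4."""
    p = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    return _vec16(b"\x00" * pad + p) + _vec16(b"\x02") + _vec16(b"\x04")

if __name__ == "__main__":
    for label, body in [("1024-bit", make_sample(1024)), ("512-bit", make_sample(512)),
                        ("512-bit padded to 128 bytes", make_sample(512, pad=64))]:
        try:
            print(label, "-> accepted,", check_server_dh(body), "bits")
        except WeakDHError as e:
            print(label, "-> refused:", e)
```

The padded case shows why the check uses the bit length of the value rather than the byte length of the field.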
