help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: Fwd: Re: Diffie Hellman size?

From: Simon Josefsson
Subject: [Help-gnutls] Re: Fwd: Re: Diffie Hellman size?
Date: Tue, 15 Apr 2008 20:38:34 +0200
User-agent: Gnus/5.110007 (No Gnus v0.7) Emacs/22.1 (gnu/linux) 
"Nikos Mavrogiannopoulos" <address@hidden> writes:

> On Tue, Apr 15, 2008 at 12:23 PM, Simon Josefsson <address@hidden> wrote:
>  > FYI,
>  >
>  >  I asked Peter Gutmann about this, who recently posted some mathematical
>  >  limits he used in:
>  >
>  >  http://permalink.gmane.org/gmane.ietf.smime/6175
>  >
>  >  His response is below.  So there seems to be good reasons why we
>  >  shouldn't allow too small DH prime modulus.  Although I'd prefer if this
>  >  were a bit better documented.
>
>  We also have this:
>  
> http://www.gnu.org/software/gnutls/manual/html_node/Selecting-cryptographic-key-sizes.html#Selecting-cryptographic-key-sizes
>
>  The values apply to DH parameters as well.

Ah, thanks.  I think that answer this question well.

I'm surprised openssl would accept such low DH parameters (which I
recall the debian BTS discussion implied?), it seems insecure to me.

/Simon
reply via email to
[Prev in Thread] Current Thread [Next in Thread]