|
From: | Patrick Pelletier |
Subject: | Re: GnuTLS/NSS interop in Exim 4.80 RC |
Date: | Tue, 22 May 2012 02:15:00 -0700 |
On May 22, 2012, at 1:38 AM, Janne Snabb wrote:
Even if the hardlimit in NSS is fixed quickly, this will be a burden for TLS server sidedevelopers for many years to come.
It almost seems like a new TLS extension should be proposed, where the client can tell the server how many bits of DH it is willing to accept. (Similar in spirit, although simpler than, the extension used to negotiate curves for elliptic curve.) If the client sends the extension, then the server can know with confidence what size of DH params are acceptable. If the client doesn't send the extension, the server can make a conservative assumption. (Probably 2236 bits.)
Without such an extension, it seems like TLS servers that are concerned about interoperability (such as on the Web) will have to avoid exceeding 2236 bits for quite a long time.
--Patrick
[Prev in Thread] | Current Thread | [Next in Thread] |