Kurt Roeckx <k...@roeckx.be> writes:

> On Mon, Jun 08, 2015 at 10:00:00AM +0000, Thorsten Glaser wrote:
>> Stefan Fritsch <sf <at> sfritsch.de> writes:
>>
>> > And custom DH groups are not that easy to handle in an automated way.
>>
>> Right. I'm currently suggesting each "site" to generate one and
>> roll that out for the whole "site" (e.g. company, project).
>
> Please note that the website still says that everybody should
> generate their own 2048 bit DH key, but on the ietf TLS list they
> said that wasn't needed and they would update their site. 2048
> bit DH should still be strong enough that not everybody needs to
> generate their own.

Encouraging custom DH groups is not a good idea, as this opens up the
triple handshake attack possibility[0].

0. https://www.secure-resumption.com/ (search for Initial DHE Handshake) <-- details an attack where a server can send custom groups