On Mon, Sep 22, 2014 at 02:30:00PM +0200, Francis GASCHET wrote:
> Hello,
>
> When we create DH parameters we have to specify the group (2 or 5).
"g=2" is not "the group", it is a generator of a large cyclic group
modulo some large prime "p". "The group" consists of the pair (p,
g), or sometimes the triple (p, g, q) where "q" is the order (size)
of of the cyclic group.
> What does happen if both sides of the connection don't use the same group ?
In TLS, the server designates the group, and the client must use
that.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
