On 17.11.2013 23:36, Fedor Brunner wrote:
> Please increase the size of Diffie-Hellman parameters in
> http://www.postfix.org/TLS_README.html
> You recommend 1024 bit DH parameters, but for long-term protection,
> these parameters are too short.
>
> During ephemeral Diffie-Hellman (EDH) key exchange a temporary key is
> generated from DH parameters. This temporary key is used for encryption
> of the communication and the server public RSA key is used ONLY for
> signing of this temporary key and NOT for encryption of the
> communication. If you use DH parameters shorter than your RSA key, you
> are weakening your encryption.
>
> https://wiki.openssl.org/index.php/Diffie_Hellman
> https://wiki.openssl.org/index.php/Diffie-Hellman_parameters
>
>
> If you are interested in more technical information about key sizes I
> highly recommend:
>
> http://www.keylength.com/en/compare/
>
> Yearly Report on Algorithms and Keysizes (2012), D.SPA.20 Rev. 1.0,
> ICT-2007-216676 ECRYPT II, 09/2012.
>
> Recommendation for Key Management, Special Publication 800-57 Part 1
> Rev. 3, NIST, 07/2012
That's all fine, but it breaks interoperability, leading in opportunistic mode (which is needed on the MTA side) to clients falling back to *unencrypted* connections. So you may consider what is better: 1024 bit or no encryption at all. You can do that on a webserver but not on an MTA.