On 8/22/20 7:26 PM, Kevin Kofler wrote:
Christopher Engelhard wrote:
tl;dr should we make it easier/automatic for users to use the
Diffie-Hellman parameters defined in RFC7919?
While I understand the motivation behind the RFC (interoperability, safety
against intentionally or unintentionally ba
On 24.08.20 20:06, Simo Sorce wrote:
> This has been proposed (somewhere, I forgot where) before, and it is a
> definite possibility.
> Unclear what package would distribute them, potentially the crypto-
> policies package.
Or a separate package, but at least the logic of selecting a default
from
- Original Message -
> From: "Simo Sorce"
> To: "Development discussions related to Fedora"
>
> Sent: Monday, August 24, 2020 2:06:19 PM
> Subject: Re: RFC7919 Diffie-Hellman parameters in Fedora
>
> On Mon, 2020-08-24 at 19:29 +0200, Christoph
On Mon, 2020-08-24 at 19:29 +0200, Christopher Engelhard wrote:
> On 24.08.20 18:43, Simo Sorce wrote:
> > On Fri, 2020-08-21 at 16:13 +0200, Christopher Engelhard wrote:
> > We already are making it easier in some ways, but feel free to open a
> > bug if there are specific components you are worri
On 24.08.20 18:43, Simo Sorce wrote:
> On Fri, 2020-08-21 at 16:13 +0200, Christopher Engelhard wrote:
> We already are making it easier in some ways, but feel free to open a
> bug if there are specific components you are worried about.
What ways are that?
I'm not worried about any specific compo
On Sun, Aug 23, 2020 at 2:27 AM Kevin Kofler wrote:
> While I understand the motivation behind the RFC (interoperability, safety
> against intentionally or unintentionally bad parameters), hardcoded
> parameters sound suspicious to me.
I'll note that the RFC 7919 values were added
as available i
On Fri, 2020-08-21 at 16:13 +0200, Christopher Engelhard wrote:
> Hi,
> tl;dr should we make it easier/automatic for users to use the
> Diffie-Hellman parameters defined in RFC7919?
We already are making it easier in some ways, but feel free to open a
bug if there are specific components you are
On Sun, 2020-08-23 at 04:26 +0200, Kevin Kofler wrote:
> Christopher Engelhard wrote:
> > tl;dr should we make it easier/automatic for users to use the
> > Diffie-Hellman parameters defined in RFC7919?
>
> While I understand the motivation behind the RFC (interoperability, safety
> against intent
On 23.08.20 04:26, Kevin Kofler wrote:
> While I understand the motivation behind the RFC (interoperability, safety
> against intentionally or unintentionally bad parameters), hardcoded
> parameters sound suspicious to me. How do we know that these are not chosen
> to allow the NSA or some other
Christopher Engelhard wrote:
> tl;dr should we make it easier/automatic for users to use the
> Diffie-Hellman parameters defined in RFC7919?
While I understand the motivation behind the RFC (interoperability, safety
against intentionally or unintentionally bad parameters), hardcoded
parameters s
Hi,
tl;dr should we make it easier/automatic for users to use the
Diffie-Hellman parameters defined in RFC7919?
For a long time, the general recommendation for Finite-Field
Diffie-Hellman Ephemeral Parameters (FFDHE, for use with
non-elliptic-curve DH, i.e. the dhparam-file many server config
11 matches
Mail list logo
