Re: [exim] REPOST: Possible TLS weakness in Exim? (to be not…

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Hill Ruyter
Fecha:  
A: exim-users
Asunto: Re: [exim] REPOST: Possible TLS weakness in Exim? (to be noticed with Opera and Exim 4.50 from Debian stable)
Hi

Without understanding what is or isn't possible in your code I would like to
make a suggestion

If you can make it possible for administrators to choose then please do and
give options in the following increments :

768
1024
2048
4096

People who want low processing overhead and are not hugely bothered by
security will probably like the 1024 option

Slightly more paranoid businesses who are concerned about the data
transmitted are beginning to migrate to 2048 key lengths
Government will use 2048 or 4096 depending on the classification of
information and transmission medium used for the data

"[Bruce Schneier recommends] 1280 bits through 2005 for individuals, 1536
for corporations, and 2048 for governments. "

If however it is not possible to give options then 1024 is considered
safe-ish for the moment 2048 would be preferred if it does not cause too
high a processing overhead.

Kind regards

Hill Ruyter

----- Original Message -----
From: "Philip Hazel" <ph10@???>
To: "Ralf G. R. Bergs" <Ralf+exim@???>
Cc: <exim-users@???>; "Florian Weimer" <fw@???>
Sent: Monday, December 04, 2006 2:48 PM
Subject: Re: [exim] REPOST: Possible TLS weakness in Exim? (to be noticed
with Opera and Exim 4.50 from Debian stable)


> On Mon, 4 Dec 2006, Ralf G. R. Bergs wrote:
>
>> > NIST recommends to use 1024 bits. BSI (the German one, not the
>> > British) recommends 1280 bits. Both do not really differentiate
>> > between ephemeral session keys and long-term keys. But bumping the
>>
>> But it makes quite a difference how you use them... :-)
>>
>> > value is easy and probably the right thing to do from a PR angle.
>>
>> I doubt that it's a good idea to just change something to look good from
>> a PR point of view. :-)
>>
>> What I *do* consider important, tho, is that we get the Opera guys and
>> Exim to agree upon what is safe and what is unsafe. What do you think
>> about this?
>
> I am not a cryptographer. If certain experts (NIST, BSI) recommend
> larger numbers than the current 768 (which came with the contributed
> code, I suppose), then I am happy to change the number without regard to
> the PR aspects. Unless somebody tells me not to, I am about to change it
> to 1024 for the next release. Or should I use 1280?
>
>
> -- 
> Philip Hazel            University of Cambridge Computing Service
> Get the Exim 4 book:    http://www.uit.co.uk/exim-book

>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>