Re: [exim] REPOST: Possible TLS weakness in Exim? (to be not…

Pàgina inicial
Delete this message
Reply to this message
Autor: Florian Weimer
Data:  
A: exim-users
CC: Ralf G. R. Bergs
Assumpte: Re: [exim] REPOST: Possible TLS weakness in Exim? (to be noticed with Opera and Exim 4.50 from Debian stable)
* Philip Hazel:

> I am not a cryptographer. If certain experts (NIST, BSI) recommend
> larger numbers than the current 768 (which came with the contributed
> code, I suppose), then I am happy to change the number without regard to
> the PR aspects. Unless somebody tells me not to, I am about to change it
> to 1024 for the next release.


1024 is as good as any other value in that range, and should also make
those Opera users happy. 1024 is also used in the GnuTLS example
code, which means that we can be quite sure that it works well
(i.e. that it does not hit some limits within the GnuTLS library).