Author: Phil Pennock Date: To: exim-dev CC: Janne Snabb Subject: [exim-dev] Exim RC6 coming, standard primes added
I snapped. I exercised Release Coordinator's prerogative and added a
feature to Exim, to try to stabilise and get away from the can of worms
I opened when I changed the number of bits asked for in a generated
prime for Diffie-Hellman key exchange.
The suggestion in the docs to regenerate DH primes periodically if
you're paranoid is for the truly insanely barking mad paranoid. In
fact, if you're paranoid, you'll not trust the primes generated by
GnuTLS and will generate something and run it through a battery of
tests, before maybe using it.
Or, use a standard prime. Some primes suitable for use in DH are
specified in RFCs, as public data. Numbered, for use in IKE.
So I changed "tls_dhparams" to take a path or an identifier.
Previously, GnuTLS ignored this option, OpenSSL requires a path. Now,
for both, if it is unset or one of a set of documented identifiers, then
a standard prime is used. If it is set to "historic" and GnuTLS is
used, a file inside the spool directory is used. If it is set to point
to a path, then OpenSSL will load the file as before, and GnuTLS will
treat it like it treats a file in the spool directory: it will load it
if it exists, otherwise create a temp file in the same directory, then
try to rename it into place.
The default prime used is 2048 bits, so fits well within the limits of
NSS.
The primes labelled "ike1" and "ike14" are built into OpenSSH as
defaults to use if /etc/ssh/moduli does not exist, with 14 being the
one used at present.
The code is committed. I will look to see if I should import the
OpenSSH primes from moduli(5) (probably not, if someone wants it then
they can always create a file and point tls_dhparam at it), perhaps add
another alias, and then start running the test suite, then cut RC6.