https://bugs.exim.org/show_bug.cgi?id=1656
Bug ID: 1656
Summary: Increase minimum size of DH
Product: Exim
Version: 4.85+ HEAD
Hardware: All
OS: All
Status: NEW
Severity: security
Priority: medium
Component: TLS
Assignee: pdp@???
Reporter: loganaden@???
CC: exim-dev@???
Created attachment 823
  --> https://bugs.exim.org/attachment.cgi?id=823&action=edit
gnutls_dh_2048
Following the Logjam attack against TLS:
weakdh.org recommends using a 2048-bit DH by default as a minimum.
https://weakdh.org/sysadmin.html
OpenSMTPD has made a comment for testing, and then switched to 2048 by default.
(- switched to 2048-bits DH params by default)
https://www.opensmtpd.org/announces/release-5.7.1.txt
Please note that the diff is only honored by GnuTLS.
I'm currently looking at extending it to OpenSSL. Any pointer is much
appreciated.
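
An added example, not part of the bug report or the attached patch: a check of the prime size in a PEM `DH PARAMETERS` file against the 2048-bit minimum cited above. All function names are assumptions made for illustration, and the sample parameters are constructed (correct size, not real primes).

```python
import base64
MIN_DH_BITS = 2048  # minimum the report cites from weakdh.org
BEGIN, END = "-----BEGIN DH PARAMETERS-----", "-----END DH PARAMETERS-----"

def read_tlv(der, i, tag):
    """Read one DER element with the given tag at der[i]; return (value, next_index)."""
    if i + 2 > len(der) or der[i] != tag:
        raise ValueError("unexpected DER tag")
    n, i = der[i + 1], i + 2
    if n >= 0x80:  # long form: low 7 bits give the number of length octets
        k = n & 0x7F
        if k == 0 or k > 4 or i + k > len(der):
            raise ValueError("unsupported DER length")
        n, i = int.from_bytes(der[i:i + k], "big"), i + k
    if i + n > len(der):
        raise ValueError("truncated DER element")
    return der[i:i + n], i + n

def dh_prime_bits(pem):
    """Bit length of the prime p in a PEM 'DH PARAMETERS' block (PKCS#3 DHParameter)."""
    lines = [l.strip() for l in pem.strip().splitlines()]
    if len(lines) < 3 or (lines[0], lines[-1]) != (BEGIN, END):
        raise ValueError("not a DH PARAMETERS PEM block")
    der = base64.b64decode("".join(lines[1:-1]))
    seq, _ = read_tlv(der, 0, 0x30)   # SEQUENCE { prime INTEGER, base INTEGER, ... }
    p, _ = read_tlv(seq, 0, 0x02)     # first INTEGER is the prime
    return int.from_bytes(p, "big").bit_length()

def meets_minimum(pem, min_bits=MIN_DH_BITS):
    return dh_prime_bits(pem) >= min_bits

def der_tlv(tag, body):
    """Encode one DER element (used only to build the constructed samples)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    k = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | k]) + n.to_bytes(k, "big") + body

def constructed_pem(bits):
    """Constructed sample: p = 2^(bits-1)+1 is NOT a real DH prime, only the size is right."""
    p = ((1 << (bits - 1)) | 1).to_bytes(bits // 8 + 1, "big")  # leading 0x00 keeps it positive
    b64 = base64.b64encode(der_tlv(0x30, der_tlv(0x02, p) + der_tlv(0x02, b"\x02"))).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"{BEGIN}\n{body}\n{END}\n"

if __name__ == "__main__":
    for bits in (1024, 2048):
        print(bits, "ok" if meets_minimum(constructed_pem(bits)) else "below minimum")
```

The check only measures the size of the prime; it does not test primality or whether the group is a commonly shared one.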