[exim-dev] [Bug 1895] Default groups for DH possibly backdoo…

Top Page
This message is part of the following thread:
M++++\the complete thread tree sorted by date
MMMMMMadmin at <-
.....Madmin at ->
Delete this message
Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 1895] Default groups for DH possibly backdoored
https://bugs.exim.org/show_bug.cgi?id=1895

Andreas Metzler <eximusers@???> changed: 

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |eximusers@???


--- Comment #4 from Andreas Metzler <eximusers@???> ---
BTW I think the documentation on tls_dhparam is not completely correct for
GnuTLS:
----------------
If Exim is using OpenSSL and this option is empty or unset, then Exim will load
a default DH prime; the default is the 2048 bit prime described in section 2.2
of RFC 5114, "2048-bit MODP Group with 224-bit Prime Order Subgroup", which in
IKE is assigned number 23.
----------------
Afaict this is not OpenSSL-specific but also applies to GnuTLS.

--
You are receiving this mail because:
You are on the CC list for the bug.
This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-[exim-dev] [Bug 1897] New: Exim not falling back to non-TLS on callouts[exim-dev] [Bug 1897] Exim not falling back to non-TLS on callouts->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)