Re: [exim-dev] [Bug 2954] New: tls_eccurve (>= OpenSSL 3.0.0…

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MViktor Dukhovni at <-
MViktor Dukhovni at ->
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Subject: Re: [exim-dev] [Bug 2954] New: tls_eccurve (>= OpenSSL 3.0.0) dysfunctional
On 02/01/2023 04:16, Viktor Dukhovni via Exim-dev wrote:
> Mind you, things are a bit complicated with TLS 1.3, where ECDHE groups
> and FFDHE groups are unified and always negotiated, and setting the
> grouplist to just ECDHE groups will disable FFDHE.

Is there any particular advantage, or behaviour difference, in
FFDHE vs. ECDHE?

Is it mostly "EC keys are smaller, for equivalent protection"?
--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] [Bug 2954] New: tls_eccurve (>= OpenSSL 3.0.0) dysfunctionalRe: [exim-dev] [Bug 2954] New: tls_eccurve (>= OpenSSL 3.0.0) dysfunctional->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)