[gnutls-devel] weak dh issue
Kurt Roeckx
kurt at roeckx.be
Wed May 20 19:11:18 CEST 2015
On Wed, May 20, 2015 at 05:10:20PM +0200, Nikos Mavrogiannopoulos wrote:
> According to https://weakdh.org/ there is a new attack which relies on
> clients accepting weak DHE parameters. GnuTLS is unaffected by this
> attack, and it seems like a good choice that we always imposed higher
> standards for parameters than other implementations despite the many
> bug reports [0] in the past.
But you should consider changing the minimum to 1024 instead of
the current 768.
Kurt
More information about the Gnutls-devel
mailing list