GnuTLS/NSS interop in Exim 4.80 RC
Patrick Pelletier
code at funwithsoftware.org
Tue May 22 11:15:00 CEST 2012
On May 22, 2012, at 1:38 AM, Janne Snabb wrote:
> Even if the hard
> limit in NSS is fixed quickly, this will be a burden for TLS server
> side
> developers for many years to come.
It almost seems like a new TLS extension should be proposed, where the
client can tell the server how many bits of DH it is willing to
accept. (Similar in spirit, although simpler than, the extension used
to negotiate curves for elliptic curve.) If the client sends the
extension, then the server can know with confidence what size of DH
params are acceptable. If the client doesn't send the extension, the
server can make a conservative assumption. (Probably 2236 bits.)
Without such an extension, it seems like TLS servers that are
concerned about interoperability (such as on the Web) will have to
avoid exceeding 2236 bits for quite a long time.
--Patrick
More information about the Gnutls-help
mailing list