[gnutls-help] certtool generate-dh-params is fast, but is it secret? is it safe?

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Jan 22 01:06:38 CET 2017

On Wed, Jan 18, 2017 at 2:02 PM, Peter Gervai <grin at grin.hu> wrote:
> Hello,
> I've tried to look around for some info, but found none.

I believe that you misunderstand what these parameters are and how are
they used.

There is some older blog discussing some details:
However it is not accurate since then nettle already supports DH
parameter generation and that's the DSA-style of DH parameters.

But it doesn't matter. If you are generating random parameters, don't do it.


More information about the Gnutls-help mailing list