[gnutls-help] certtool generate-dh-params is fast, but is it secret? is it safe?

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Jan 22 01:06:38 CET 2017


On Wed, Jan 18, 2017 at 2:02 PM, Peter Gervai <grin at grin.hu> wrote:
> Hello,
>
> I've tried to look around for some info, but found none.

I believe that you misunderstand what these parameters are and how
they are used.

There is an older blog post discussing some details:
http://nmav.gnutls.org/2011/12/generating-diffie-hellman-parameters.html
However, it is no longer accurate, since nettle now supports DH
parameter generation, and that's the DSA style of DH parameters.

But it doesn't matter. If you are generating random parameters, don't do it.
https://gitlab.com/gnutls/gnutls/commit/63b4a81a107101e3a4517d0402e494983700714d#04efa6908cdf650892ddc97766b5fadce0048fc0_1720_1717

regards,
Nikos


