httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 49559] Patch to add user-specified Diffie-Hellman parameters
Date Sun, 15 Sep 2013 14:23:33 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49559

--- Comment #12 from Leonardo <frazzzzze@gmail.com> ---
DH-parameters should always be at least the same size as the SSL certificate,
so if I use 4096 or even 8192 bit for the certificate a DH parameter with only
2048 bit would effectively weaken the whole connection down to 2048 bit, which
we don't want and in a few years we would have the exactly same situation ( DH
parameters too weak and not FULLY selectable) as we do right now 
So please consider this and let the admin choose freely, but at least make sure
DH parameters bits are never smaller than SSL certificate bits!

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message