httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject [Bug 59087] DH parameters with too small prime lengths used with openssl < 1.0.2
Date Fri, 04 Mar 2016 16:21:07 GMT

Yann Ylavic <> changed:

           What    |Removed                     |Added
                 CC|                            |

--- Comment #10 from Yann Ylavic <> ---
(In reply to Björn Jacke from comment #9)
> It is not possible to iterate once over the certs and use the strongest cert
> for the DH param size calculation?

We could do that, but it's quite complicated to work around an openssl
limitation on older versions, and that may also "annoy" some other httpd
Feel free to ask the openssl team to give the DH callback the correct private
key in 1.0.1 (and earlier) since that would be the correct fix (don't know if
that could break other usages, though).

> But in any case: If we *know* that we mis-calculate the DH param size with
> openssl 1.0.1,

We know that we *can* mis-calculate the size with incorrect configuration,
hence the change to a documentation PR.

> then we should at least set the minimum DH param length to a
> reasonable secure size. And 1024 is considered not secure these days. The
> best solution then would be to increase the minimum DH param size e.g. to
> 2048, wouldn't it? People who have interoperability issues with large DH
> sizes because of Java clients or whatever can still set fixed DH parameters
> as commented in ssl_engine_kernel.c already for the current (weak) 1024
> limit.

You could also use your own DH params with the suitable size and that's it.
There is no point to set 2048 DHs with 1024 certs, and we need the relevant
cert to figure out...
Why break existing configurations?

You are receiving this mail because:
You are the assignee for the bug.
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message