You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository was archived by the owner on Jan 21, 2019. It is now read-only.
There are some default Diffie-Hellman parameters as part of p1_tls_drv.c. These parameters appear to be used in the event that parameters are not provided, but they are only 1024 bits which is considered vulnerable to nation-state level attackers[0]. It would be great if these were bumped up to the 2048-bit MODP Group with 256-bit Prime Order Subgroup parameters (also part of RFC 5114[1], section 2.3).
There are some default Diffie-Hellman parameters as part of p1_tls_drv.c. These parameters appear to be used in the event that parameters are not provided, but they are only 1024 bits which is considered vulnerable to nation-state level attackers[0]. It would be great if these were bumped up to the 2048-bit MODP Group with 256-bit Prime Order Subgroup parameters (also part of RFC 5114[1], section 2.3).
[0] https://weakdh.org/
[1] https://www.ietf.org/rfc/rfc5114.txt