On Fri, Sep 13, 2013 at 10:51:06PM +0200, Kurt Roeckx wrote:
> I think gnutls by default has a minimum size of 727 for the DH
> size while openssl doesn't have any check for this. But if you're
> using DH you really want to move to something like 2048 if
> possible.
This prime size is pretty irrelevant for opportunistic TLS. If the
server is prepared to do unencrypted session, then some encryption is
better then no encryption.
Bastian
--
Those who hate and fight must stop themselves -- otherwise it is not stopped.
-- Spock, "Day of the Dove", stardate unknown
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/20130913212338.gb24...@mail.waldi.eu.org
