On 11/06/2013 05:08 AM, Karthikeyan Bhargavan wrote:
> On the precise number of minimum bits, please note that IIS uses a static
> 768-bit Diffie Hellman prime, specifically Group 1 from IKEv2 (rfc5996,
> appendix B.1).
> I suspect a number of other servers may do the same; hence the numbers you see
> for NSS and GnuTLS.

That's disappointing, esp. since RFC 5996 explicitly says:

   The strength supplied by group 1 may not be sufficient for typical
   uses and is here for historic reasons.

Does anyone on this list have a contact in the IIS or SChannel team
within Microsoft? I'd like to encourage them to change this.
--dkg
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org