Re: Why is the default DH keysize only 512 bits?

2006-09-29 Thread Alan DeKok
Jason Wittlin-Cohen [EMAIL PROTECTED] wrote:
> I noticed that the default DH keysize in FreeRadius 1.1.3 is 512 bits.

If you're talking about the key length in the EAP-TLS module, it looks like those aren't being used for anything. See the source. It does look like the EAP-TLS code is

Re: Why is the default DH keysize only 512 bits?

2006-09-29 Thread Jason Wittlin-Cohen
Alan DeKok wrote:
> Jason Wittlin-Cohen [EMAIL PROTECTED] wrote:
>> I noticed that the default DH keysize in FreeRadius 1.1.3 is 512 bits.
>
> If you're talking about the key length in the EAP-TLS module, it looks like those aren't being used for anything. See the source.

Re: Why is the default DH keysize only 512 bits?

2006-09-29 Thread Alan DeKok
Jason Wittlin-Cohen [EMAIL PROTECTED] wrote:
> So, if dh_key_length is being ignored, how is the DH key size determined? By the DH parameter file?

Apparently.

Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
- List

Why is the default DH keysize only 512 bits?

2006-09-28 Thread Jason Wittlin-Cohen
I noticed that the default DH keysize in FreeRadius 1.1.3 is 512 bits. As DH keys have approximately the same strength as RSA keys, and 512 bit RSA keys have already been broken, wouldn't it be advisable to use at least 1024 bit DH keys as the minimum size? 1024 bits is currently the minimum