> And the problem appears to be compounded by dofus legacy implementations
> that don't support PFS greater than 1024 bits. This comes from a
> misunderstanding that DH keysizes only need to be half the RSA length.
>
> So to go above 1024 bits PFS we have to either
>
> 1) Wait for all the servers to upgrade (i.e. never do it because the won't
> upgrade)
>
> 2) Introduce a new cipher suite ID for 'yes we really do PFS at 2048 bits
> or above'.
Can the client recover and do something useful when the server has a
buggy (key length limited) implementation? If so, a new cipher suite
ID is not needed, and both clients and servers can upgrade asynchronously,
getting better protection when both sides of a given connection are
running the new code.
In the case of (2) I hope you mean "yes we really do PFS with an
unlimited number of bits". 1025, 2048, as well as 16000 bits should work.
John
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
