On Fri, Jun 05, 2015 at 01:56:18PM +0200, Thorsten Glaser wrote:
>
> OpenSSL upstream is said (citation needed) to wish to require a
> 1024 bit minimum in some later version but require 768 bits now.

http://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/

> I cannot find this in either upstream's 1.0.2a release or the one
> currently in sid.

It should end up in all suites in Debian soon.

> I did find it as commit 10a70da729948bb573d27cef4459077c49f3eb46
> in upstream's git, except the error path needs to set al too AFAICS.

I'm not sure what you mean. The ssl3_check_cert_and_algorithm()
function doesn't have an "al" variable, it always sends the
SSL_AD_HANDSHAKE_FAILURE alert.


Kurt

