Hello, I've tried to look around for some info, but found none.
openssl dhparam -out /tmp/dh4096.pem 4096 takes tens of minutes, while certtool --generate-dh-params --bits 4096 > /tmp/dh4096.pem takes 2 seconds. I guess this was probably noticed by someone else, too, and it has been asked a few times but I see no answer. Openssl say it's looking for safe primes, and does it for quite a long time. I would guess that certtol either know a groundbreaking new way to find safe primes or doesn't bother at all? As my understanding goes generating DH params with not safe primes is not very useful? Please show me the light. Thanks, Peter _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
