Hi Vincent,

On Sat, Apr 26, 2014 at 10:11:53AM +0200, Vincent Bernat wrote:
> April 25, 2014 17:22 CEST, Willy Tarreau <[email protected]> :
>
> > - ssl: Add standardized DH parameters >= 1024 bits
> >   (I still don't understand what this is about, I'm clearly far from
> >   being even an SSL novice). I have no idea whether it can be related
> >   or not, but at least you're using SSL so everything is possible.
>
> Since previously, the DH param was always 1024 bits and usually, key
> sizes are 2048, I think that using a 2048-bit DH param adds a
> performance impact but I never evaluated it since using a 1024 DHE param
> is not unusual (or was not unusual, I am far from being up-to-date on
> this). The impact should have been minimal since g is kept to 2 and this
> is the important one (DHE is about g^a mod p where g and p are the DH
> parameters) but we are nonetheless dealing with far larger integers
> and I suppose that the exponentiation has a performance hit when p gets
> larger.
>
> The strengths of RSA and DH are equivalent so using the same size
> for both is definitely a good practice.

OK thanks for explaining. Can't this be linked to the size of the keys
or anything else? I'm asking because we can hardly accept to divide the
performance by 4 for users with no solution for them to work around the
issue. We know what they'll do: revert and stay on the previous version
which worked well for them.

Willy
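
The cost of g^a mod p as p grows, which the quoted message reasons about, can be measured directly. The following is an added example, not part of the original thread or of HAProxy's code: it times Python's built-in `pow` with g = 2 for 1024-bit and 2048-bit moduli. The moduli are constructed random odd numbers used only as timing stand-ins (the cost of the exponentiation does not depend on primality), and both private-exponent sizes are assumptions.

```python
import secrets
import time

G = 2  # generator kept at 2, as stated in the thread


def sample_modulus(bits):
    """Constructed odd modulus with the top bit set (timing stand-in, not a DH prime)."""
    return secrets.randbits(bits) | (1 << (bits - 1)) | 1


def time_modexp(p_bits, exp_bits, rounds=20, repeats=5):
    """Best-of-`repeats` wall time for `rounds` computations of G^a mod p."""
    p = sample_modulus(p_bits)
    exps = [secrets.randbits(exp_bits) | (1 << (exp_bits - 1)) for _ in range(rounds)]
    best = float("inf")
    for _ in range(repeats):
        start = time.perf_counter()
        for a in exps:
            pow(G, a, p)
        best = min(best, time.perf_counter() - start)
    return best


def slowdown(exp_bits_for):
    """Cost ratio of a 2048-bit modulus over a 1024-bit one.

    exp_bits_for maps the modulus size to the private exponent size.
    """
    small = time_modexp(1024, exp_bits_for(1024))
    large = time_modexp(2048, exp_bits_for(2048))
    return large / small


def full_size_exponent_slowdown():
    # Assumption: the private exponent a is as long as p.
    return slowdown(lambda p_bits: p_bits)


def short_exponent_slowdown():
    # Assumption: a fixed 256-bit private exponent for both modulus sizes.
    return slowdown(lambda p_bits: 256)


if __name__ == "__main__":
    print(f"full-size exponent: {full_size_exponent_slowdown():.1f}x slower")
    print(f"256-bit exponent:   {short_exponent_slowdown():.1f}x slower")
```

The ratios are for the modular exponentiation alone, not for a full TLS handshake, and absolute numbers from Python do not transfer to OpenSSL.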

