On Tue, May 22, 2012 at 11:15 AM, Patrick Pelletier <[email protected]> wrote:
> It almost seems like a new TLS extension should be proposed, where the > client can tell the server how many bits of DH it is willing to accept. > (Similar in spirit, although simpler than, the extension used to negotiate > curves for elliptic curve.) If the client sends the extension, then the > server can know with confidence what size of DH params are acceptable. If > the client doesn't send the extension, the server can make a conservative > assumption. (Probably 2236 bits.) Such an extension would be useful, as it could be used to communicate the DH exponent size which now is only known to the server. That would also optimize the key exchange. However I doubt that the WG would accept such a modification (most probably such a proposal will be answered with why don't you use ECDH?). regards, Nikos _______________________________________________ Help-gnutls mailing list [email protected] https://lists.gnu.org/mailman/listinfo/help-gnutls
