On Friday 22 May 2015 15:41:09 Nayna Jain wrote: > Hi, > > With the latest logjam attack, as I was trying to verify if my server > (lighttpd) accepts DHE_xxx ciphers, I saw that it accepted and I didn't > do any configuration setting done for DH parameters explicitly.
There's no default in OpenSSL, applications need to set the DH parameters themselves. > But I couldn't verify what is the key length did it use by default > 512/1024/2048 ? openssl s_client -connect hostname:443 -cipher EDH </dev/null 2>/dev/null | grep 'Server Temp Key' > Will the key length be different for different protocols like > SSLv3/TLSv1.0/TLSv1.1/TLSv1.2? If yes , then what for each of them. no, it will be the same for all protocols -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
