On Tue, Jun 18, 2019 at 02:05:00PM +0200, Daniel Gustafsson wrote: > The current hardcoded EDH parameter fallback use the old SKIP primes, for > which > the source disappeared from the web a long time ago. Referencing a known dead > source seems a bit silly, so I think we should either switch to a non-dead > source of MODP primes or use an archive.org link for SKIP. Personally I > prefer > the former.
I agree with you that it sounds more sensible to switch to a new prime instead of relying on an archive of the past one. > This was touched upon, but never really discussed AFAICT, back when then EDH > parameters were reworked a few years ago. Instead of replacing with custom > ones, as suggested in [1] it we might as well replace with standardized ones > as > this is a fallback. Custom ones wont make it more secure, just add more work > for the project. The attached patch replace the SKIP prime with the 2048 bit > MODP group from RFC 3526, which is the same change that OpenSSL did a few > years > back [2]. Fine by me. Let's stick with the 2048b-long one for now as we did in c0a15e0. I am wondering if we should sneak that into v12, but I'd rather just wait for v13 to open. -- Michael
signature.asc
Description: PGP signature
