Thomas Shaddack wrote:
I have a standard implementation of OpenSSL, with Diffie-Hellman prime in
the SSL certificate. The DH cipher suite is enabled.
Is it safe to keep one prime there forever, or should I rather
periodically regenerate it? Why? If yes, what's some sane period to do so:
Thomas Shaddack writes:
I have a standard implementation of OpenSSL, with Diffie-Hellman prime in
the SSL certificate. The DH cipher suite is enabled.
Is it safe to keep one prime there forever, or should I rather
periodically regenerate it? Why? If yes, what's some sane period to do so:
I have a standard implementation of OpenSSL, with Diffie-Hellman prime in
the SSL certificate. The DH cipher suite is enabled.
Is it safe to keep one prime there forever, or should I rather
periodically regenerate it? Why? If yes, what's some sane period to do so:
day, week, month?
If the
