On Tue, 5 Dec 2017 19:21:50 +
"Salz, Rich via openssl-dev" wrote:
> There is never any reason to use this in TCP-based TLS;
> that was an OpenSSL bug that enabled it there.
I opened an issue for this bug, so it can be fixed:
thanks Hanno and Rich.
On Tue, 12/5/17, Hanno Böck wrote:
Subject: Re: [openssl-dev] frequency and size of heartbeat requests
To: openssl-dev@openssl.org
Cc: "Jitendra Lulla"
Date: Tuesday, December 5, 2017,
You can re-use the keys, but then you get no forward secrecy, and sessions
generated with one connection are vulnerable to another.
Why are you using DH? Unless you have compelling reasons (interop with
legacy), you really should use ECDHE.
--
openssl-dev mailing list
To unsubscribe: