Re: [openssl-dev] frequency and size of heartbeat requests

On Tue, 5 Dec 2017 19:21:50 + "Salz, Rich via openssl-dev" wrote: > There is never any reason to use this in TCP-based TLS; > that was an OpenSSL bug that enabled it there. I opened an issue for this bug, so it can be fixed:

Re: [openssl-dev] frequency and size of heartbeat requests

thanks Hanno and Rich. On Tue, 12/5/17, Hanno Böck wrote: Subject: Re: [openssl-dev] frequency and size of heartbeat requests To: openssl-dev@openssl.org Cc: "Jitendra Lulla" Date: Tuesday, December 5, 2017,

Re: [openssl-dev] A question DH parameter generation and usage

You can re-use the keys, but then you get no forward secrecy, and sessions generated with one connection are vulnerable to another. Why are you using DH? Unless you have compelling reasons (interop with legacy), you really should use ECDHE. -- openssl-dev mailing list To unsubscribe: