Re: Proposed change to linux kernel about random numbers

On 18/09/2019 20:58, Salz, Rich via openssl-users wrote: Please take a look at https://lore.kernel.org/lkml/CAHk-=wiGg-G8JFJ=r7qf0b+utqa_weouk6v+mcmfsljlrq6...@mail.gmail.com/ and consider giving your comments. TL;DR:  see the comment below. + * Hacky workaround for the fact that some

Proposed change to linux kernel about random numbers

Please take a look at https://lore.kernel.org/lkml/CAHk-=wiGg-G8JFJ=r7qf0b+utqa_weouk6v+mcmfsljlrq6...@mail.gmail.com/ and consider giving your comments. TL;DR: see the comment below. + * Hacky workaround for the fact that some processes + * ask for truly secure random numbers and absolutely

Re: DH group cipher suites getting rejected

* However if I try ECDHE, it works fine. Is DHE only cipher suites less common now ? * I believe its responsibility of server to generate DHparam of large enough size. Yes, DHE has dropped because it is hard to get right, and it takes more CPU cycles than ECDHE.

DH group cipher suites getting rejected

Hi, Why google rejected DH ciphers suites, I am trying *openssl s_client -cipher 'DHE-RSA-AES128-GCM-SHA256' -connect www.google.com:443 * However if I try ECDHE, it works fine. Is DHE only cipher suites less common now ? I believe its responsibility of server to