> On Dec 5, 2019, at 8:37 PM, Nasrul Zikri <[email protected]> wrote:
>
> What must the server do if the client is old and does not support the safe
> groups in RFC 7919?
Presumably the old client is doing TLS 1.2 (or 1.0), since with TLS 1.3,
the client MUST specify which groups it supports, and no others can be
used. The server can use any FFDHE group of its choice (provided suitable
DHE ciphers are supported by the client), including one of 7919 groups,
or use ECDHE if that's supported...
> The advice from Mozilla is generate a 1024-bit Diffie-Hellman group.
> Is there good code to generate safe group efficiently?
FFDHE parameter generation is too slow to do on the fly. Such groups
are pre-generated, and so the efficiency is not a significant concern.
> Will OpenSSL generate safe group?
Yes, if you ask nicely, but that's more of a question for the openssl-users
list than for the TLS WG.
It seems this thread is no longer on topic for this list, perhaps time to
consider moving any residual questions to more appropriate lists.
--
Viktor.
_______________________________________________
TLS mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tls
