[gnutls-devel] weak dh issue

Nikos Mavrogiannopoulos nmav at gnutls.org
Wed May 20 20:32:29 CEST 2015

On Wed, 2015-05-20 at 19:11 +0200, Kurt Roeckx wrote:
> On Wed, May 20, 2015 at 05:10:20PM +0200, Nikos Mavrogiannopoulos wrote:
> > According to https://weakdh.org/ there is a new attack which relies on
> > clients accepting weak DHE parameters. GnuTLS is unaffected by this
> > attack, and it seems like a good choice that we always imposed higher
> > standards for parameters than other implementations despite the many
> > bug reports [0] in the past.
> But you should consider changing the minimum to 1024 instead of
> the current 768.

Checking it further, it seems the current is not 768 but 1008. It is the
web page that wasn't updated.


More information about the Gnutls-devel mailing list