[Dovecot] DH parameter length too small?

Timo Sirainen tss at iki.fi
Sat Nov 2 15:28:33 EET 2013


On 14.10.2013, at 19.08, Jörg Lübbert <j.luebbert at kaladix.org> wrote:

> from my understanding, using 1024bit DH parameters results in a not sufficiently secure key exchange for DH(E). Therefore I think it would be advisable to have parameters of at least 2048bit . In fact, I would see a great benefit in chosing parameter length arbitrarily.
> 
> I also do not see the benefit of parameter regeneration. What were the design goals here?

http://hg.dovecot.org/dovecot-2.2/rev/43ab5abeb8f0



More information about the dovecot mailing list