[Dovecot] DH parameter length too small?
Timo Sirainen
tss at iki.fi
Sat Nov 2 15:28:33 EET 2013
On 14.10.2013, at 19.08, Jörg Lübbert <j.luebbert at kaladix.org> wrote:
> from my understanding, using 1024bit DH parameters results in a not sufficiently secure key exchange for DH(E). Therefore I think it would be advisable to have parameters of at least 2048bit . In fact, I would see a great benefit in chosing parameter length arbitrarily.
>
> I also do not see the benefit of parameter regeneration. What were the design goals here?
http://hg.dovecot.org/dovecot-2.2/rev/43ab5abeb8f0
More information about the dovecot
mailing list