Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 21 Oct 2015 17:01:13 +0200
From: Matthias Weckbecker <>
Subject: Re: Prime example of a can of worms

On Mon, 19 Oct 2015 17:40:14 -0400
Daniel Kahn Gillmor <> wrote:
> On the flip side, saying "use only strong (>=2048bit today in 2015?),
> well-known, well-structured, publicly-vetted groups" is very simple
> guidance: clear and easy to follow.

Interestingly I noticed OpenSSH bumped their 'DH_GRP_MIN' to 2048 bit
just a few days ago to account for precomputation attacks:

RFC4419 seems to recommend 1024 bit minimum, but the document appears
to be from 2006.

>       --dkg


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ