[openssl-users] DSA with OpenSSL-1.1

Hanno Böck hanno at hboeck.de
Fri Jul 1 14:40:19 UTC 2016


On Fri, 1 Jul 2016 15:29:53 +0200
"pepone.onrez" <pepone.onrez at gmail.com> wrote:

> After upgrading my software to use OpenSSL-1.1, one of the tests is
> failing; in the test in question, client and server are configured to use
> DSA certificates. The server is configured to request a client
> certificate.

I can't answer your question, but I have one for you: Why do you use DSA?

There was a discussion in the TLS working group a while ago about DSA
support and there was overwhelming support to remove it in TLS 1.3.
The rationale was basically that DSA in TLS is rarely used at all, is
often used with insecure key sizes (1024 bit) and has a severe weakness
when it comes to bad random numbers. On top of that it has basically no
advantage over the much more widely used RSA. The original reason
(in the early 90s) to use DSA over RSA was patent issues, but those have
long expired.

So my (and I think most others') impression is that DSA in TLS is as
dead as it can be, and probably the most sane move for OpenSSL would be
to just remove it. Given that, I'd like to know why you seem to have
chosen to still use DSA.

Hanno Böck

mail/jabber: hanno at hboeck.de
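As an added example (not part of Hanno's message or the OpenSSL project), here is a small Python audit that scans the `Subject Public Key Info` section of `openssl x509 -noout -text` dumps and flags DSA certificates, singling out the 1024-bit keys the message calls insecure. The dumps below are constructed, abbreviated samples, and the DSA size is derived from the octet count of the P parameter, since the DSA dump lists the parameters rather than a "(N bit)" line.

```python
import re

# Constructed samples modelled on the "Subject Public Key Info" section of
# `openssl x509 -noout -text`; not real certificates. The DSA dump has no
# "(N bit)" line, so the key size is derived from the octets of P.
def _hex_block(n_octets, indent=" " * 20, per_line=15):
    o = ["00"] + ["ab"] * n_octets  # dummy octets, with OpenSSL's leading 00 pad
    return "\n".join(indent + ":".join(o[i:i + per_line]) for i in range(0, len(o), per_line))

def _dsa_text(p_octets):
    return ("        Public Key Algorithm: dsaEncryption\n            P:\n" +
            _hex_block(p_octets) + "\n            Q:\n                    00:44:55\n")

SAMPLES = {
    "client-dsa1024.pem": _dsa_text(128),
    "server-dsa2048.pem": _dsa_text(256),
    "server-rsa2048.pem": ("        Public Key Algorithm: rsaEncryption\n"
                           "            Public-Key: (2048 bit)\n"),
}

ALG_RE = re.compile(r"Public Key Algorithm:\s*(\S+)")
BITS_RE = re.compile(r"Public-Key:\s*\((\d+) bit\)")
HEX_RE = re.compile(r"^\s*[0-9a-f]{2}(?::[0-9a-f]{2})*:?\s*$")

def _dsa_p_bits(text):
    """Bit length of the DSA modulus P, from the octets printed after 'P:'."""
    octets, in_p = [], False
    for line in text.splitlines():
        if line.strip() == "P:":
            in_p = True
        elif in_p and HEX_RE.match(line):
            octets += line.strip().strip(":").split(":")
        elif in_p:
            break
    octets = octets[1:] if octets[:1] == ["00"] else octets  # drop ASN.1 sign pad
    return len(octets) * 8

def audit_cert_text(text):
    """Return (algorithm, bits, verdict) for one certificate's text dump."""
    alg = ALG_RE.search(text).group(1)
    if alg == "dsaEncryption":
        bits = _dsa_p_bits(text)
        verdict = "weak: DSA < 2048 bits" if bits < 2048 else "deprecated: DSA in TLS"
    else:
        bits = int(BITS_RE.search(text).group(1))
        verdict = "weak: RSA < 2048 bits" if alg == "rsaEncryption" and bits < 2048 else "ok"
    return alg, bits, verdict

def audit_all(samples):
    return {name: audit_cert_text(text) for name, text in samples.items()}
```

Feed it the text dumps of the certificates your test fixtures use (`openssl x509 -in cert.pem -noout -text`) to see at a glance which ones are DSA and which are below 2048 bits.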