[openssl-users] [openssl-dev] A question DH parameter generation and usage
bhat.jayalakshmi at gmail.com
Wed Dec 6 18:04:53 UTC 2017
Thanks for the reply. We are planning to use DHE_RSA based ciphers.
On Wed, Dec 6, 2017 at 7:20 PM, Salz, Rich via openssl-users <
openssl-users at openssl.org> wrote:
> You can re-use the keys, but then you get no forward secrecy, and sessions
> generated with one connection are vulnerable to another.
> Why are you using DH? Unless you have compelling reasons (interop with
> legacy), you really should use ECDHE.
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users