[openssl-users] Selection of DHE ciphers based on modulus size of DH

Sanjaya Joshi joshi.sanjaya at gmail.com
Wed Jun 6 19:11:51 UTC 2018


Hello,
I understood that when DHE ciphers are tried to be used between two
entities, it's only the server that plays a role about selection of the DH
parameters. This is not negotiable with the client. For e.g., the server
can freely use a very low not-recommended DH group with 512 bit key length
and the client cannot deny it.

Is this understanding still correct or this has been changed recently ?

Regards,
Sanjaya
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180607/19d7f609/attachment-0001.html>


More information about the openssl-users mailing list