OpenSSL Security Advisory

Jakob Bohm jb-openssl at
Thu Sep 10 15:14:37 UTC 2020

On 2020-09-10 09:03, Tomas Mraz wrote:
> On Wed, 2020-09-09 at 22:26 +0200, Jakob Bohm via openssl-users wrote:
>> Wouldn't a more reasonable response for 1.0.2 users have been to
>> force on
>> SSL_OP_SINGLE_DH_USE rather than recklessly deprecating affected
>> cipher
>> suites
>> and telling affected people to recompile with the fix off?
> You seem to be mixing two different affected things. One is the static
> DH ciphersuites. There is no remediation for these except for not using
> them. Fortunately they are not really used by anyone. This can be
> achieved on the server side by simply not providing the DH certificate.
> On the client side they can be dropped from the ciphers string. This is
> the "deprecating affected cipher suites" change part.
> On the other hand the reuse of DH key for ephemeral DH can be only
> disabled by setting SSL_OP_SINGLE_DH_USE by the calling server application. This is the part relevant for wider audience.
> So yes, both issues can be remediated by application calling the
> OpenSSL library. On the other hand it is not always possible to change
> the application so we also provide fix to premium support customers in
> terms of changing the openssl code.

The advisory didn't include this clarification, and didn't state if 
1.0.2w fixes the DHE case by doing what 1.1.x does and act like 
SSL_OP_SINGLE_DH_USE is always set.


Jakob Bohm, CIO, Partner, WiseMo A/S.
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list