[Ach] 9.2.1 Dovecot, some additions, questions
christian mock
cm at coretec.at
Wed Nov 20 17:42:30 CET 2013
On Wed, Nov 20, 2013 at 05:08:55PM +0100, Adi Kriegisch wrote:
> > Firstly: does it really make sense to regularily regenerate dhparams
> > at all?
> As you want your ephemeral keys to be mostly unique (especially for many
> sessions), yes, I think so.
To *re*generate them every week?
The dhparams file contains the prime and the generator, which both are
public anyways... The private key has to be generated afresh for every
key exchange.
cm.
--
Christian Mock Wiedner Hauptstr. 15
Senior Security Engineer 1040 Wien
CoreTEC IT Security Solutions GmbH +43-1-5037273
FN 214709 z
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
CoreTEC: Web Application Audit - Damit so etwas nicht passiert!
http://heise.de/-1260559
.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
More information about the Ach
mailing list