[PATCH 2/2] tls: increase Diffie-Hellman group size to 2048 bits

Andrew Bartlett abartlet at samba.org
Wed Sep 2 22:42:15 UTC 2015

On Wed, 2015-09-02 at 12:37 +0200, Björn Jacke wrote:
> 1024 bits is already the minimum accepted size of current TLS 
> libraries. 2048
> is recommended for servers, see https://weakdh.org/
> Signed-off-by: Bjoern Jacke <bj at sernet.de>

This also fixes our generated RSA certificate to be 2048 bits. 
 However, that link really wasn't clear, we should add a separate
define for that.

Anyway, that is a distinct issue, so this is in autobuild.

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   

More information about the samba-technical mailing list