From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/85642
Path: news.gmane.org!not-for-mail
From: Lars Ingebrigtsen <larsi@gnus.org>
Newsgroups: gmane.emacs.gnus.general
Subject: Re: Diffie-Hellman key exchange has been lowered to 256 bits
Date: Thu, 29 Jan 2015 12:39:53 +1100
Message-ID: <87mw52nz4m.fsf@building.gnus.org>
References: <m3zjh6h4gq.fsf@carbon.jhcloos.org>
	<87h9vbxz3k.fsf@building.gnus.org> <smuvbjrqe65.fsf@linuxpal.mit.edu>
NNTP-Posting-Host: plane.gmane.org
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: ger.gmane.org 1422495792 11645 80.91.229.3 (29 Jan 2015 01:43:12 GMT)
X-Complaints-To: usenet@ger.gmane.org
NNTP-Posting-Date: Thu, 29 Jan 2015 01:43:12 +0000 (UTC)
Cc: James Cloos <cloos@jhcloos.com>, ding@gnus.org
To: Greg Troxel <gdt@lexort.com>
Original-X-From: ding-owner+M33883@lists.math.uh.edu Thu Jan 29 02:43:11 2015
Return-path: <ding-owner+M33883@lists.math.uh.edu>
Envelope-to: ding-account@gmane.org
Original-Received: from util0.math.uh.edu ([129.7.128.18])
	by plane.gmane.org with esmtp (Exim 4.69)
	(envelope-from <ding-owner+M33883@lists.math.uh.edu>)
	id 1YGe8U-0007bC-8d
	for ding-account@gmane.org; Thu, 29 Jan 2015 02:43:10 +0100
Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu)
	by util0.math.uh.edu with smtp (Exim 4.63)
	(envelope-from <ding-owner+M33883@lists.math.uh.edu>)
	id 1YGe8N-00063H-0U; Wed, 28 Jan 2015 19:43:03 -0600
Original-Received: from mx2.math.uh.edu ([129.7.128.33])
	by util0.math.uh.edu with esmtps (TLSv1:AES128-SHA:128)
	(Exim 4.63)
	(envelope-from <larsi@gnus.org>)
	id 1YGe8L-00062t-I7
	for ding@lists.math.uh.edu; Wed, 28 Jan 2015 19:43:01 -0600
Original-Received: from quimby.gnus.org ([80.91.231.51])
	by mx2.math.uh.edu with esmtps (TLSv1.2:DHE-RSA-AES128-SHA:128)
	(Exim 4.84)
	(envelope-from <larsi@gnus.org>)
	id 1YGe8K-00011v-HR
	for ding@lists.math.uh.edu; Wed, 28 Jan 2015 19:43:01 -0600
Original-Received: from smtp.syd.comcen.com.au ([203.23.236.77])
	by quimby.gnus.org with esmtp (Exim 4.80)
	(envelope-from <larsi@gnus.org>)
	id 1YGe8I-0004Pc-DE
	for ding@gnus.org; Thu, 29 Jan 2015 02:42:59 +0100
Original-Received: from building.gnus.org ([27.96.197.126])
	by smtp.syd.comcen.com.au (8.13.4/8.12.9) with ESMTP id t0T1dwsm023606;
	Thu, 29 Jan 2015 12:39:58 +1100 (EST)
In-Reply-To: <smuvbjrqe65.fsf@linuxpal.mit.edu> (Greg Troxel's message of
	"Wed, 28 Jan 2015 07:32:02 -0500")
User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/25.0.50 (gnu/linux)
X-comcen-MailScanner-Information: Please contact the ISP for more information
X-comcen-MailScanner: Found to be clean
X-comcen-MailScanner-SpamCheck: not spam, SpamAssassin (not cached,
	score=0.101, required 4, AWL 0.00, BAYES_50 0.00, RDNS_NONE 0.10)
X-comcen-MailScanner-From: larsi@gnus.org
X-Spam-Score: -1.9 (-)
List-ID: <ding.gnus.org>
Precedence: bulk
Xref: news.gmane.org gmane.emacs.gnus.general:85642
Archived-At: <http://permalink.gmane.org/gmane.emacs.gnus.general/85642>

Greg Troxel <gdt@lexort.com> writes:

> No, the problem should be fixed.  256-bit DH does not make any sense.

It will use as many DH bits as the server allows.  If the server only
uses 256-bits Diffie-Hellman, the connection is essentially unencrypted,
and you may chose not to talk to the server, or you may choose talk to
the server anyway.  That's up to the user.

So there is no problem to be fixed.

(The network security manager (on "high") will warn about DH lower than
1024, though.)

-- 
(domestic pets only, the antidote for overdose, milk.)
  bloggy blog http://lars.ingebrigtsen.no/