From: James Cloos
Newsgroups: gmane.emacs.gnus.general
Subject: Diffie-Hellman key exchange has been lowered to 256 bits
Date: Sat, 21 Jun 2014 11:44:37 +0000
To: ding@gnus.org
User-Agent: Gnus/5.130012 (Ma Gnus v0.12) Emacs/24.4.50 (gnu/linux)

I've been getting this message on my deb box for a few days now:

,----
| gnutls.c: [1] Note that the security level of the Diffie-Hellman key
| exchange has been lowered to 256 bits and this may allow decryption of
| the session data
`----

It occurs for both nntp starttls and imaps connections.

That box runs sid and emacs24-nox, which uses libgnutls-deb0-28
(currently 3.2.15-2).

Using gnutls-cli directly, with either --tofu or --insecure to connect to
news.gmane.org (also with --starttls) results in:

,----
| - Description: (TLS1.0)-(RSA)-(AES-128-CBC)-(SHA1)
| - Session ID: E9:A4:91:94:AF:F0:B0:0E:EB:E1:55:BD:80:8F:A5:63:88:FC:38:96:3F:75:1E:63:2B:18:F4:F1:11:D6:98:E0
| - Version: TLS1.0
| - Key Exchange: RSA
| - Cipher: AES-128-CBC
| - MAC: SHA1
| - Compression: NULL
`----

and no error.

gnutls-cli -p imaps imap.gmail.com also works well, generating:

,----
| - Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)
| - Session ID: 5A:B8:70:F0:43:3D:25:EF:9D:F2:2D:9A:73:5C:CB:6E:DE:45:01:0C:71:E3:D6:F6:B3:C0:B9:47:5A:E2:E4:A4
| - Ephemeral EC Diffie-Hellman parameters
| - Using curve: SECP256R1
| - Curve size: 256 bits
| - Version: TLS1.2
| - Key Exchange: ECDHE-RSA
| - Server Signature: RSA-SHA256
| - Cipher: AES-128-GCM
| - MAC: AEAD
| - Compression: NULL
`----

So I cannot see why gnus' usage triggers that warning from gnutls.

-JimC
--
James Cloos  OpenPGP: 0x997A9F17ED7DAEA6
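The two gnutls-cli session descriptions quoted above differ in exactly the thing the warning is about: the nntp session uses static RSA key exchange (no ephemeral Diffie-Hellman parameters at all), while the imaps session negotiates ECDHE on a 256-bit curve. The following is an added example, not code from the post or from GnuTLS/Gnus: it parses such session descriptions and applies a minimum-group-size policy. The policy floors are constructed assumptions, and the "Using prime: N bits" line for a finite-field DHE session is an assumed format, not output shown in the post.

```python
import re

# Constructed policy floors (assumptions, not values from the post or GnuTLS defaults).
MIN_DH_PRIME_BITS = 2048   # finite-field Diffie-Hellman group size
MIN_EC_CURVE_BITS = 256    # elliptic-curve group size

# Constructed samples: the first two are trimmed from the gnutls-cli output quoted in the
# post (keeping the mail's "|" box quoting); the third is a made-up finite-field DHE session.
NNTP_SESSION = """\
| - Description: (TLS1.0)-(RSA)-(AES-128-CBC)-(SHA1)
| - Key Exchange: RSA
"""
IMAPS_SESSION = """\
| - Description: (TLS1.2)-(ECDHE-RSA-SECP256R1)-(AES-128-GCM)
| - Ephemeral EC Diffie-Hellman parameters
| - Using curve: SECP256R1
| - Curve size: 256 bits
| - Key Exchange: ECDHE-RSA
"""
DHE_SESSION = """\
- Ephemeral Diffie-Hellman parameters
- Using prime: 1024 bits
- Key Exchange: DHE-RSA
"""

def parse_session(text):
    """Extract the key exchange and any ephemeral parameter size from '- key: value' lines."""
    info = {"key_exchange": None, "kind": "static", "bits": None}
    for raw in text.splitlines():
        line = raw.strip().lstrip("|").strip()   # tolerate the ",----" mail box quoting
        if m := re.match(r"-\s*Key Exchange:\s*(\S+)", line):
            info["key_exchange"] = m.group(1)
        elif m := re.match(r"-\s*(Curve size|Using prime):\s*(\d+) bits", line):
            info["kind"] = "ec" if m.group(1) == "Curve size" else "ffdh"
            info["bits"] = int(m.group(2))
    return info

def assess(text):
    """Return (ok, reason): static key exchange and undersized groups both fail."""
    info = parse_session(text)
    kx = info["key_exchange"]
    if kx is None:
        return False, "no 'Key Exchange' line found"
    if info["kind"] == "static":
        return False, f"{kx}: no ephemeral parameters, so no forward secrecy"
    floor = MIN_EC_CURVE_BITS if info["kind"] == "ec" else MIN_DH_PRIME_BITS
    if info["bits"] < floor:
        return False, f"{kx}: {info['bits']}-bit group is below the {floor}-bit floor"
    return True, f"{kx}: {info['bits']}-bit {info['kind']} group"
```

Run against the post's nntp session it reports static RSA (nothing ephemeral to measure), and against the imaps session it accepts the 256-bit curve; the warning in the post is about the minimum the client is willing to accept, which this checker makes explicit as a policy value.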