From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.emacs.gnus.general/85627 Path: news.gmane.org!not-for-mail From: Greg Troxel Newsgroups: gmane.emacs.gnus.general Subject: Re: Diffie-Hellman key exchange has been lowered to 256 bits Date: Wed, 28 Jan 2015 07:32:02 -0500 Message-ID: References: <87h9vbxz3k.fsf@building.gnus.org> NNTP-Posting-Host: plane.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Trace: ger.gmane.org 1422448379 16680 80.91.229.3 (28 Jan 2015 12:32:59 GMT) X-Complaints-To: usenet@ger.gmane.org NNTP-Posting-Date: Wed, 28 Jan 2015 12:32:59 +0000 (UTC) Cc: James Cloos , ding@gnus.org To: Lars Ingebrigtsen Original-X-From: ding-owner+M33867@lists.math.uh.edu Wed Jan 28 13:32:58 2015 Return-path: Envelope-to: ding-account@gmane.org Original-Received: from util0.math.uh.edu ([129.7.128.18]) by plane.gmane.org with esmtp (Exim 4.69) (envelope-from ) id 1YGRnk-0002jF-5L for ding-account@gmane.org; Wed, 28 Jan 2015 13:32:56 +0100 Original-Received: from localhost ([127.0.0.1] helo=lists.math.uh.edu) by util0.math.uh.edu with smtp (Exim 4.63) (envelope-from ) id 1YGRn7-0002MR-FA; Wed, 28 Jan 2015 06:32:17 -0600 Original-Received: from mx2.math.uh.edu ([129.7.128.33]) by util0.math.uh.edu with esmtps (TLSv1:AES128-SHA:128) (Exim 4.63) (envelope-from ) id 1YGRn5-0002MA-SZ for ding@lists.math.uh.edu; Wed, 28 Jan 2015 06:32:15 -0600 Original-Received: from quimby.gnus.org ([80.91.231.51]) by mx2.math.uh.edu with esmtps (TLSv1.2:DHE-RSA-AES128-SHA:128) (Exim 4.84) (envelope-from ) id 1YGRn1-0003je-G6 for ding@lists.math.uh.edu; Wed, 28 Jan 2015 06:32:15 -0600 Original-Received: from linuxpal.mit.edu ([18.62.1.14]) by quimby.gnus.org with esmtp (Exim 4.80) (envelope-from ) id 1YGRmz-0004JY-9E; Wed, 28 Jan 2015 13:32:09 +0100 Original-Received: by linuxpal.mit.edu (Postfix, from userid 9545) id F2A741607A; Wed, 28 Jan 2015 07:32:05 -0500 (EST) OpenPGP: id=098ED60E X-Hashcash: 1:20:150128:larsi@gnus.org::TnI+LKHvr59Caf5B:0001Z07 X-Hashcash: 1:20:150128:ding@gnus.org::zmoX2WBj8kFCmcWf:00002yMi X-Hashcash: 1:20:150128:cloos@jhcloos.com::v9FeoiTmcJkf4tUC:00000000000000000000000000000000000000000000K3Yd In-Reply-To: <87h9vbxz3k.fsf@building.gnus.org> (Lars Ingebrigtsen's message of "Wed, 28 Jan 2015 16:18:07 +1100") User-Agent: Gnus/5.130006 (Ma Gnus v0.6) Emacs/24.3 (berkeley-unix) X-Spam-Score: -4.9 (----) List-ID: Precedence: bulk Xref: news.gmane.org gmane.emacs.gnus.general:85627 Archived-At: --=-=-= Content-Type: text/plain Lars Ingebrigtsen writes: > James Cloos writes: > >> I've been getting this message on my deb box for a few days now: >> >> ,---- >> | gnutls.c: [1] Note that the security level of the Diffie-Hellman key >> | exchange has been lowered to 256 bits and this may allow decryption of >> | the session data >> `---- >> >> It occurs for both nntp starttls and imaps connectins. >> >> That box runs sid and emacs24-nox, which uses libgnutls-deb0-28 >> (currently 3.2.15-2). > > Is this a new warning libgnutls outputs now? If so, we should filter it > out on the Emacs side. No, the problem should be fixed. 256-bit DH does not make any sense. --=-=-= Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iEYEARECAAYFAlTI1sIACgkQH9p66AmO1g5dzACfUmkNAAXgjWZyLEToe9aDU0Sc jHgAnA2c5BrjxxMh0t9eyxuZzyuQGx+X =Wciv -----END PGP SIGNATURE----- --=-=-=--