crypto: address a few potential loopholes for #logjam
o Regenerate all dhparam files. (Looksie, we don't have under 1024!) o Make beast mitigation the default, been around since 2011. o Tweak the cipher settings via recommendations below. Open points are the zapping of 1024 bit dhparam and how we should handle dhparam shipping in the future. Please write in to discuss. :) Taken from: https://weakdh.org/sysadmin.html
Showing
Please register or sign in to comment