Displaying 2 results from an estimated 2 matches for "rfc7919".
2019 Feb 15
4
Can we disable diffie-hellman-group-exchange-sha1 by default?
Also, how are default moduli shipped with OpenSSH for use in
diffie-hellman-group-exchange-sha1/sha256 chosen? Are they chosen
randomly by developers or are they chosen for security properties? If
they are random, why not use moduli from RFC 7919 instead, like
Mozilla recommends?
On Fri, Feb 15, 2019 at 3:48 AM Mark D. Baushke <mdb at juniper.net> wrote:
>
> Yegor Ievlev <koops1997
2019 Feb 15
4
Can we disable diffie-hellman-group-exchange-sha1 by default?
...> That they are not fixed moduli is the security property itself.
>
> > If they are random, why not use moduli from RFC 7919 instead, like
> > Mozilla recommends?
>
> Ahh... a philosophical debate? The selection of primes generated
> based on digits of PI (RFC3526) vs E (RFC7919) (Euler's Number)?
>
> https://www.pleacher.com/mp/mhumor/epi.html
> https://www.reddit.com/r/math/comments/na7ua/pi_vs_e_debate/
> https://math.unca.edu/sites/default/files/documents/2013ParsonsLecture.pdf
> https://www.maa.org/press/maa-reviews/the-great-pie-debate
>
> If...