Opened 6 years ago

Closed 6 years ago

#1580 closed task (fixed)

Use stronger DH parameters

Reported by: killyourtv Owned by:
Priority: major Milestone: undecided
Component: www/i2p Version: 0.9.19
Keywords: security Cc: backup, Eche|on
Parent Tickets: Sensitive: no

Description (last modified by killyourtv)

Just like #1427 with RC4, we could better protect users by using better dhparams on our Internet facing sites.

According to and are vulnerable to logjam.

These reseed servers are also vulnerable



Change History (6)

comment:1 Changed 6 years ago by killyourtv

Description: modified (diff)
Milestone: undecided

comment:2 Changed 6 years ago by zzz

Cc: backup Eche|on added

comment:3 Changed 6 years ago by backup

Remark with DH 2048:
Java 6u45 clients are then reduced to two remaining (secure) ciphers:

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128

and no PFS.

comment:4 Changed 6 years ago by str4d

Keywords: security added

comment:5 Changed 6 years ago by str4d

Status: newopen

comment:6 Changed 6 years ago by backup

Resolution: fixed
Status: openclosed
  • fixed by owner :-) Thanks!
  • fixed by owner :-) Thanks!
  • reseed server was defect, same su3-file to every client - url removed!

Thanks very much, backup

Note: See TracTickets for help on using tickets.