Opened 4 years ago

Closed 4 years ago

#1580 closed task (fixed)

Use stronger DH parameters

Reported by: killyourtv Owned by:
Priority: major Milestone: undecided
Component: www/i2p Version: 0.9.19
Keywords: security Cc: backup, echelon
Parent Tickets:

Description (last modified by killyourtv)

Just like #1427 with RC4, we could better protect users by using better dhparams on our Internet facing sites.

According to and are vulnerable to logjam.

These reseed servers are also vulnerable



Change History (6)

comment:1 Changed 4 years ago by killyourtv

  • Description modified (diff)
  • Milestone set to undecided

comment:2 Changed 4 years ago by zzz

  • Cc backup echelon added

comment:3 Changed 4 years ago by backup

Remark with DH 2048:
Java 6u45 clients are then reduced to two remaining (secure) ciphers:

TLS_RSA_WITH_AES_128_CBC_SHA (0x2f) 128

and no PFS.

comment:4 Changed 4 years ago by str4d

  • Keywords security added

comment:5 Changed 4 years ago by str4d

  • Status changed from new to open

comment:6 Changed 4 years ago by backup

  • Resolution set to fixed
  • Status changed from open to closed
  • fixed by owner :-) Thanks!
  • fixed by owner :-) Thanks!
  • reseed server was defect, same su3-file to every client - url removed!

Thanks very much, backup

Note: See TracTickets for help on using tickets.