Skip to content
Commit ff4de7dd authored by Emilia Kasper's avatar Emilia Kasper
Browse files

Update documentation with Diffie-Hellman best practices.


- Do not advise generation of DH parameters with dsaparam to save
computation time.
- Promote use of custom parameters more, and explicitly forbid use of
built-in parameters weaker than 2048 bits.
- Advise the callback to ignore <keylength> - it is currently called
with 1024 bits, but this value can and should be safely ignored by
servers.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
parent 3372aeed
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment