| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
| Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: Replacing the EDH SKIP primes |
| Date: | 2019-06-19 03:40:01 |
| Message-ID: | 20190619034001.GF17450@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Tue, Jun 18, 2019 at 02:05:00PM +0200, Daniel Gustafsson wrote:
> The current hardcoded EDH parameter fallback use the old SKIP primes, for which
> the source disappeared from the web a long time ago. Referencing a known dead
> source seems a bit silly, so I think we should either switch to a non-dead
> source of MODP primes or use an archive.org link for SKIP. Personally I prefer
> the former.
I agree with you that it sounds more sensible to switch to a new prime
instead of relying on an archive of the past one.
> This was touched upon, but never really discussed AFAICT, back when then EDH
> parameters were reworked a few years ago. Instead of replacing with custom
> ones, as suggested in [1] it we might as well replace with standardized ones as
> this is a fallback. Custom ones wont make it more secure, just add more work
> for the project. The attached patch replace the SKIP prime with the 2048 bit
> MODP group from RFC 3526, which is the same change that OpenSSL did a few years
> back [2].
Fine by me. Let's stick with the 2048b-long one for now as we did in
c0a15e0. I am wondering if we should sneak that into v12, but I'd
rather just wait for v13 to open.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Amit Kapila | 2019-06-19 03:46:09 | Re: [PATCH] Stop ALTER SYSTEM from making bad assumptions |
| Previous Message | Michael Paquier | 2019-06-19 02:54:26 | Re: openssl valgrind failures on skink are due to openssl issue |