Re: Replacing the EDH SKIP primes

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Daniel Gustafsson <daniel(at)yesql(dot)se>
Cc: Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Re: Replacing the EDH SKIP primes
Date: 2019-07-04 00:58:29
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

On Wed, Jul 03, 2019 at 08:56:42PM +0200, Daniel Gustafsson wrote:
> Agreed, I’ve updated the patch with a comment on this formulated such that it
> should stand the test of time even as OpenSSL changes etc.

I'd like to think that we had rather mention the warning issue
explicitely, so as people don't get surprised, like that for example:

* This is the 2048-bit DH parameter from RFC 3526. The generation of the
* prime is specified in RFC 2412, which also discusses the design choice
* of the generator. Note that when loaded with OpenSSL this causes
* DH_check() to fail on with DH_NOT_SUITABLE_GENERATOR, where leaking
* a bit is preferred.

Now this makes an OpenSSL-specific issue pop up within a section of
the code where we want to make things more generic with SSL, so your
simpler version has good arguments as well.

I have just rechecked the shape of the key, and we have an exact

Attachment Content-Type Size
skip_primes-v3.patch text/x-diff 1.7 KB

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Jeff Davis 2019-07-04 01:07:46 Re: Memory-Bounded Hash Aggregation
Previous Message David Fetter 2019-07-04 00:41:18 Re: Index Skip Scan