[16616] in cryptography@c2.net mail archive

Re: SSL/TLS passive sniffing

daemon@ATHENA.MIT.EDU (Greg Rose)
Tue Jan 4 16:24:58 2005

X-Original-To: cryptography@metzdowd.com
Date: Tue, 04 Jan 2005 12:10:11 -0800
To: Florian Weimer <fw@deneb.enyo.de>
From: Greg Rose <ggr@qualcomm.com>
Cc: John Denker <jsd@av8n.com>, cryptography@metzdowd.com
In-Reply-To: <87u0qeknm9.fsf@deneb.enyo.de>

At 22:51 2004-12-22 +0100, Florian Weimer wrote:
>* John Denker:
>
> > Florian Weimer wrote:
> >
> >> Would you recommend to switch to /dev/urandom (which doesn't block if
> >> the entropy estimate for the in-kernel pool reaches 0), and stick to
> >> generating new DH parameters for each connection,
> >
> > No, I wouldn't.
>
>Not even for the public parameters?

Am I understanding correctly? Does SSL/TLS really generate a new P and G 
for each connection? If so, can someone explain the rationale behind this? 
It seems insane to me. And not doing so would certainly ease the problem on 
the entropy pool, not to mention CPU load for primality testing.

I must be misunderstanding. Surely. Please?

Greg.



Greg Rose                                    INTERNET: ggr@qualcomm.com
Qualcomm Incorporated     VOICE: +1-858-651-5733   FAX: +1-858-651-5766
5775 Morehouse Drive                    http://people.qualcomm.com/ggr/
San Diego, CA 92121   232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C


---------------------------------------------------------------------
The Cryptography Mailing List