Integrated: 8301700: Increase the default TLS Diffie-Hellman group size from 1024-bit to 2048-bit
Sean Mullan
mullan at openjdk.org
Wed Feb 15 13:28:56 UTC 2023
On Thu, 9 Feb 2023 20:59:37 GMT, Sean Mullan <mullan at openjdk.org> wrote:
> Please review this change to increase the default Diffie-Hellman group size used in the key exchange method of TLS_DHE cipher suites from 1024-bit to 2048-bit. This issue does not affect TLS 1.3 as the minimum DH group size is 2048 bits..
>
> See the CSR for more details on the rationale for this change and the expected compatibility risk (low).
This pull request has now been integrated.
Changeset: 26b111d7
Author: Sean Mullan <mullan at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/26b111d714c3ee62bd10a5e2ab44be01c13ff42e
Stats: 30 lines in 2 files changed: 1 ins; 10 del; 19 mod
8301700: Increase the default TLS Diffie-Hellman group size from 1024-bit to 2048-bit
Reviewed-by: xuelei
-------------
PR: https://git.openjdk.org/jdk/pull/12502
More information about the security-dev
mailing list