DH Group Exchange Fallback
Joseph S Testa II
jtesta at positronsecurity.com
Sat Sep 23 07:01:47 AEST 2017
On 09/22/2017 03:22 PM, Daniel Kahn Gillmor wrote:
> On Thu 2017-09-21 18:12:44 -0400, Joseph S Testa II wrote:
>> I gotta say... having a fallback mechanism here seems pretty
>> strange. The entire point of the group exchange is to use a dynamic
>> group and not a static one.
>
> fwiw, i think dynamic groups for DHE key exchange is intrinsically
> problematic when there is any computational expense in validating the
> quality of the group parameters.
While some may agree with this, the fact remains that the current
implementation isn't working as expected. I'm interested in correcting
the behavior.
- Joe
More information about the openssh-unix-dev
mailing list