Re: Replacing the EDH SKIP primes

On 2019-06-18 13:05, Daniel Gustafsson wrote:
> This was touched upon, but never really discussed AFAICT, back when then EDH
> parameters were reworked a few years ago.  Instead of replacing with custom
> ones, as suggested in [1] it we might as well replace with standardized ones as
> this is a fallback.  Custom ones wont make it more secure, just add more work
> for the project.  The attached patch replace the SKIP prime with the 2048 bit
> MODP group from RFC 3526, which is the same change that OpenSSL did a few years
> back [2].

It appears that we have consensus to go ahead with this.

<paranoia>
I was wondering whether the provided binary blob contained any checksums
or other internal checks.  How would we know whether it contains
transposed characters or replaces a 1 by a I or a l?  If I just randomly
edit the blob, the ssl tests still pass.  (The relevant load_dh_buffer()
call does get called by the tests.)  How can we make sure we actually
got a good copy?
</paranoia>

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services