Date: Tue, 16 Jun 2015 17:26:48 -0700 From: Gregory Shapiro <gshapiro@gshapiro.net> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r284436 - head/contrib/sendmail/src Message-ID: <20150617002637.GN96521@C02N93Y5G3QT.corp.proofpoint.com> In-Reply-To: <1434487758.5828.6.camel@hardenedbsd.org> References: <201506160258.t5G2wo3a055792@svn.freebsd.org> <1434487758.5828.6.camel@hardenedbsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> > This commit chages that default to 1024 bits. sendmail 8.15.2, when > > released well use a default of 2048 bits. > > If upstream will be using 2048 bits, why not simply use that? The upstream is going to do this with a precomputed 2048 bit DH parameter. To keep this interim fix simple and not a performance degradation, I went with a run-time generated 1024 bit. Sites which wish to use 2048 run time can override the default in their configuration. Likewise, when 8.15.2 is imported, sites that prefer not to use a precomputed DH parameter can create their own by overriding the default to use a run-time or their own precomputed (but "unique") using a DH parameter file on the local file system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150617002637.GN96521>