GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Sat, 23 Jun 2018 10:39:02 UTC

Severity: normal

Tags: fixed, security

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Noam Postavsky <npostavs <at> gmail.com>
To: Jimmy Yuen Ho Wong <wyuenho <at> gmail.com>
Cc: Lars Ingebrigtsen <larsi <at> gnus.org>, 31946 <at> debbugs.gnu.org
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Tue, 26 Jun 2018 08:44:23 -0400

Jimmy Yuen Ho Wong <wyuenho <at> gmail.com> writes:

> 4. For dh-small-subgroup and dh-composite, the only way to check this in
> LISP seems to be to supply `:min-prime-bits 2048` to
> `gnutls-boot-parameters`.

It only blocks dh-composite, not dh-small-subgroup for me.  And I think
that's just a coincidence: dh-composite.badssl.com site sends a 2047 bit
DH "prime" while dh-small-subgroup.badssl.com sends a 2048 bit DH prime.
But it's certainly possible to send a 2048 bit composite as the "prime"
which would wouldn't be blocked either.  I would guess the 2047 bit
parameter was intended to be 2048, but the top bit just happened to
generate as 0.

This bug report was last modified 5 years and 327 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #31946 27.0.50; The NSM should warn about more TLS problems

GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems