gnutls-devel

Re: [gnutls-dev] Feature request: not really random session keys


From: Nikos Mavrogiannopoulos
Subject: Re: [gnutls-dev] Feature request: not really random session keys
Date: Mon, 30 Jan 2006 15:40:09 +0100

On 1/30/06, Florian Weimer <address@hidden> wrote:

> > As far as I remember it was saving it to a file to eliminate the need
> > for regeneration every time. Isn't this the case any more?
> It does, but when it's not there (or outdated, apparently), every
> delivery process which needs it tries to regenerate it in parallel.
> If you have a busy mail server, this is quite noticeable.  (It doesn't
> matter if you only process a few thousand messages per day.)

Hmmm then it's a problem... the process shouldn't check if it is outdated
or not (or could check but in that case disable the corresponding
ciphersuites, instead of generating the key). The easier way to fix that
is to generate the RSA key and the DH parameters by other means -- say
certtool running on the bg once per day or something like that.


