You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2014/06/26 17:54:34 UTC
svn commit: r1605829 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Author: jorton
Date: Thu Jun 26 15:54:34 2014
New Revision: 1605829
URL: http://svn.apache.org/r1605829
Log:
- note tweak to DH parameter sizes used in r1605827;
dropped the date reference here since it would no longer
be accurate.
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1605829&r1=1605828&r2=1605829&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Thu Jun 26 15:54:34 2014
@@ -843,8 +843,8 @@ are applied independently of the authent
<note>
<title>DH parameter interoperability with primes > 1024 bit</title>
<p>
-Beginning with version 2.5.0-dev as of 2013-09-29, mod_ssl makes use of
-standardized DH parameters with prime lengths of 2048, 3072 and 4096 bits
+Beginning with version 2.5.0-dev, mod_ssl makes use of
+standardized DH parameters with prime lengths of 2048, 3072 and 4096, 6144 and 8192 bits
(from <a href="http://www.ietf.org/rfc/rfc3526.txt">RFC 3526</a>), and hands
them out to clients based on the length of the certificate's RSA/DSA key.
With Java-based clients in particular (Java 7 or earlier), this may lead