Rui Hodai wrote, On 2009-01-20 16:37: > I'd like to know how can I change DHE key sizes with Firefox3.
No change to Firefox will have any effect. > I found the 1024 bits keys are used as DHE key irrespective of > SSL certificates when I captured communication packets from > between Firefox3 and Apache+OpenSSL. Right. DHE is not tied to the sizes of keys in certs. > -Which decide the DHE key size ? > e.g. SSL server(Apache+OpenSSL etc.), Firefox3 The server chooses P and g, and P determines key size. > -How can I change to the longer DHE key length (e.g. 2048 bits)? > Which configuration should be set? > e.g. Firefox3 configuration, the SSL server configuration It's purely in the server. > -I couldn't find the DHE key information in Firefox3 on page > information, but IE shows these information on page property. > Will Firefox3 show them in the future ? The NSS libraries provide access to that information, but whether or not the browser displays it is entirely up to the browser, not to NSS. > Thank you. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
