On Sonntag, 11. August 2019 14:15:56 CEST Evgeny wrote: > On Sun, Aug 11, 2019 at 2:51 PM, Jonas Schäfer <[email protected]> > > wrote: > > Thanks. I understand that jabber.ru tried to up their DH key size? > > Apparently, > > that did not work. I still see dh key size too small. I haven’t > > figured out > > how to get openssl to tell me the DH key size they actually use > > though :( > > > > I suspect they might not have reloaded things properly? > > Here is what `nmap` reports for jabber.ru (on direct TLS c2s port): > https://gist.github.com/zinid/9c716db24c4c579596dc0cb96f74ac46 > > Seems like DH key is 4096 in size. By the way it was 2048 prior to > configuration change.
On s2s, testssl.sh (which I had to patch to support s2s) reports 1024 bits on both IPs: https://paste.debian.net/hidden/97314aea/ kind regards, Jonas
signature.asc
Description: This is a digitally signed message part.
