Niels Möller wrote:
Jeffrey Hutzelman <jhutz%cmu.edu@localhost> writes:It might be desirable to RECOMMEND or even REQUIRE that diffie-hellman-group14-sha1 be listed _before_ diffie-hellman-group1-sha1, so that its use is preferred when both sides support it.I don't think such a recommendation or requirement is appropriate at all; algorithm selection is an implementation/local configuration issue. Saying that both groups MUST be supported is clear enough, I'd expect that all implementations except possibly very constrained ones will prefer group14 over group1, as soon as it's implemented and tested.
Nonetheless, providing a hint to possibly-ill-informed implementors about what should come first by default wouldn't be a bad thing? I agree that it certainly shouldn't be REQUIRED, but RECOMMENDing that the default configuration prefers group14 would hardly be a bad thing? Few admins I know would trust themselves to play with the ordering of algorithm selection, making the implementor's default choice a very relevant issue. Helping the implementors to get this right doesn't really have many disadvantages?
-- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com