> OpenSSL provides the option SSL_OP_SINGLE_DH_USE for ephemeral DH (DHE) in TLS.
It is not on by default. If the option is not set then the server reuses the
same private DH exponent for the life of the server process and would be
vulnerable to this attack. It is believed that many popular applications do set
this option and would therefore not be at risk.
Shouldn't that be "... do NOT ..."?
Edit: Nevermind the double negative got me. Setting the option (which is not on by default) mitigates the issue and they're saying many apps do set it.
Shouldn't that be "... do NOT ..."?
Edit: Nevermind the double negative got me. Setting the option (which is not on by default) mitigates the issue and they're saying many apps do set it.