https://docs.microsoft.com/en-us/windows/win32/seccertenroll/cryptoapi-cryptographic-service-providers
Cryptographic Provider Names
https://docs.microsoft.com/zh-tw/windows/win32/seccrypto/cryptographic-provider-names
2020年2月18日 星期二
指定 TLS 伺服器預設的 Diffie-hellman Helman 金鑰位長度,請建立ServerMinKeyBitLength
解釋:
DWORD是Unsigned integer (32-bit),0x00000800就是2048位元,1024被認為不安全
REF:
https://docs.microsoft.com/zh-tw/windows-server/security/tls/tls-registry-settings
https://thycotic.force.com/support/s/article/TLS-Diffie-Hellman-Hardening
KB3174644
https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2016/3174644
Weak Diffie-Hellman and the Logjam Attack
https://weakdh.org
訂閱:
文章 (Atom)