From fb015ca6f05e09b11a3932f89d25bae697c8af1e Mon Sep 17 00:00:00 2001
From: Christian Bundy <christianbundy@fraction.io>
Date: Tue, 1 Mar 2016 23:48:12 -0500
Subject: Update Diffie-Hellman parameters to IANA standards

This replaces the old SKIP primes with the most current Diffie-Hellman
MODP groups defined by RFC 7296 and RFC 3526.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from GitHub https://github.com/openssl/openssl/pull/775)
---
 apps/dh1024.pem | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

(limited to 'apps/dh1024.pem')

diff --git a/apps/dh1024.pem b/apps/dh1024.pem
index 6eaeca9b8e..f1a5e180aa 100644
--- a/apps/dh1024.pem
+++ b/apps/dh1024.pem
@@ -1,10 +1,10 @@
 -----BEGIN DH PARAMETERS-----
-MIGHAoGBAPSI/VhOSdvNILSd5JEHNmszbDgNRR0PfIizHHxbLY7288kjwEPwpVsY
-jY67VYy4XTjTNP18F1dDox0YbN4zISy1Kv884bEpQBgRjXyEpwpy1obEAxnIByl6
-ypUM2Zafq9AKUJsCRtMIPWakXUGfnHy9iUsiGSa6q6Jew1XpL3jHAgEC
+MIGHAoGBAP//////////yQ/aoiFowjTExmKLgNwc0SkCTgiKZ8x0Agu+pjsTmyJR
+Sgh5jjQE3e+VGbPNOkMbMCsKbfJfFDdP4TVtbVHCReSFtXZiXn7G9ExC6aY37WsL
+/1y29Aa37e44a/taiZ+lrp8kEXxLH+ZJKGZR7OZTgf//////////AgEC
 -----END DH PARAMETERS-----
 
-These are the 1024 bit DH parameters from "Assigned Number for SKIP Protocols"
-(http://www.skip-vpn.org/spec/numbers.html).
-See there for how they were generated.
-Note that g is not a generator, but this is not a problem since p is a safe prime.
+These are the 1024-bit DH parameters from "Internet Key Exchange 
+Protocol Version 2 (IKEv2)": https://tools.ietf.org/html/rfc5996
+
+See https://tools.ietf.org/html/rfc2412 for how they were generated.
-- 
cgit v1.2.3