On Thu, Sep 03, 2015 at 11:59:11AM +0000, Peter Gutmann wrote:
One saving grace about RFC 2631 was that it was pretty much universally ignored for the reason that it was, well, a pretty stupid way to do things, so the number of affected implementations would be approximately zero.
Anyway, I would appreciate if someone checks if current implementations accept composite $q$.
(I only know of one, rather minor, vendor who implemented it. Microsoft implemented it in receive-only mode solely so that they couldn't be accused of being non-standards-compliant, but I'd be very surprised if there was anything still around that supported it. For starters you'd need to be able to find a CA that could issue you a DH certificate...).
What do you mean by DH certificate? Can DH sign?
Peter.