From 938341ed3d144f08ceb984a778fbe6842dd6f590 Mon Sep 17 00:00:00 2001 From: leeyc0 Date: Sat, 4 Jul 2026 20:44:13 +0800 Subject: [PATCH] Remove DH parameter size from TLS guidelines Cipher configuration no longer contains (integer) DH key exchange. --- docs/server-side-tls.html | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/server-side-tls.html b/docs/server-side-tls.html index 7585b1e..ac707b2 100644 --- a/docs/server-side-tls.html +++ b/docs/server-side-tls.html @@ -562,7 +562,6 @@

Intermedi
  • Protocols: TLS 1.2, TLS 1.3
  • TLS curves: X25519MLKEM768, X25519, prime256v1, secp384r1
  • Certificate type: ECDSA (P-256) (recommended), or RSA (2048 bits)
  • -
  • DH parameter size: 2048 (ffdhe2048, RFC 7919)
  • HSTS: max-age=63072000 (two years)
  • Certificate lifespan: 90 days (recommended) to 366 days
  • Cipher preference: client chooses