diff --git a/include/polarssl/dhm.h b/include/polarssl/dhm.h
index 8d64a5f91..e8ea1725c 100644
--- a/include/polarssl/dhm.h
+++ b/include/polarssl/dhm.h
@@ -55,6 +55,12 @@
 * RFC 3526 4. 3072-bit MODP Group
 * RFC 5114 2.1. 1024-bit MODP Group with 160-bit Prime Order Subgroup
 * RFC 5114 2.2. 2048-bit MODP Group with 224-bit Prime Order Subgroup
+ *
+ * \warning The primes from RFC 5114 do not come together with information
+ * on how they were generated and are therefore not considered
+ * trustworthy. It is recommended to avoid them and to use the
+ * nothing-up-my-sleeve primes from RFC 3526 instead.
+ *
 */
 #define POLARSSL_DHM_RFC2409_MODP_1024_P \
 "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" \
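Review bot: The new `\warning` sits only in the group list comment, so a reader who lands directly on one of the RFC 5114 prime defines (outside this hunk) or finds them by grep never sees it. Consider repeating a one-line note beside each of those defines, for example `/* \warning RFC 5114 prime of undocumented origin; prefer the RFC 3526 groups. */`. The text could also name the risk itself: a prime generated without a verifiable procedure cannot be shown to be free of hidden structure that makes discrete logarithms easier. That tells integrators why the recommendation matters when they choose server DH parameters. The comment block this hunk edits opens above the visible lines.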