[FIG(quote)[
[FIGCAPTION[
[1] [CITE[Deprecate DHE-based ciphers - Chrome Platform Status]]
( ([TIME[2016-06-30 20:38:39 +09:00]]))
<https://www.chromestatus.com/feature/5752033759985664>
]FIGCAPTION]

> Last year, we raised the minimum TLS Diffie-Hellman group size from 512-bit to 1024-bit. As mentioned then, 1024-bit is insufficient for the long-term. However, metrics report that around 95% of DHE connections seen by Chrome use 1024-bit DHE. This, compounded with how DHE is negotiated in TLS, makes it difficult to move past 1024-bit. Servers should upgrade to ECDHE if available. Otherwise, ensure a plain-RSA cipher suite is enabled.

]FIG]


[2] [CITE@en[Issue 598109 - chromium - Deprecate DHE-based ciphers - Monorail]]
( ([TIME[2016-06-30 20:39:19 +09:00]]))
<https://bugs.chromium.org/p/chromium/issues/detail?id=598109>

[3] [CITE@en[Issue 619194 - chromium - Remove DHE-based ciphers - Monorail]]
( ([TIME[2016-06-30 20:39:43 +09:00]]))
<https://bugs.chromium.org/p/chromium/issues/detail?id=619194>