Nikto reports the following via the "ssl-dh-params" NSE script:
Check results:
| WEAK DH GROUP 1
| Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
| Modulus Type: Safe prime
| Modulus Source: mod_ssl 2.2.x/1024-bit MODP group with safe prime modulus
| Modulus Length: 1024
| Generator Length: 8
| Public Key Length: 1024
Why is the DH group reported as "WEAK DH GROUP 1" when Group 1 should have a modulus length of 768 according to sources such as this? This, as you can see is 1024 which should be Group 2.
