by coderrr 4661 days ago
You're probably right. We've already changed to 2048 DH everywhere. Do you have any opinion on if that is a strong enough default?
1 comments

Does OpenVPN support ECDH parameters yet? openssl supports ecparam[1], and polarssl is now supporting it in their development branch[2].

[1] http://www.openssl.org/docs/apps/ecparam.html

[2] https://github.com/polarssl/polarssl/commit/577e006c2fe4a361...

We'll use standard DHE if the user selects an RSA cert (2048, 3072, or 4096). And we'll use ECDHE if the user selects an Elliptic Curve cert. We'll also be displaying a disclaimer about the potential issues with ECC (certain experts believe TLS curves may be compromised/weakened) if the user selects that.