Description
Longjam has landed, and we now know that DH below a certain threshold is vulnerable (to a nation-state adversary). https://weakdh.org/
while ats offers to configure dhparams through a file, it would be nice if, like dovecot, we offered a way to aut-regenerate dhparams, every $tperiod.
see http://wiki2.dovecot.org/SSL/DovecotConfiguration#SSL_security_settings
http://hg.dovecot.org/dovecot-2.2/file/45013c8cf69c/src/lib-ssl-iostream/iostream-openssl-params.c