Recently one more TLS attack was published: Logjam. The issue has a really clear description and demonstrated that sites that use 512 key size are vulnerable and it takes up to 10 mins to "decrypt client server keys exchanges".

Based on the attack nature it's understandable that clients and servers should be vulnerable to this type of attack. It seems only recent browsers have implemented security fixes to mitigate this vulnerability. However, if you're working with "commonly used" Web Applications and are also forced to support IE 8, 9+, and other browsers, it's unlikely that the majority of users will have security patches on the client side.

And it's interesting to know whether the server is vulnerable or not if the key size is 1024 bit. Based on the Logjam description it's only a suggestion/recommendation: "it's preferable to have a key 2048 bit". This online test provides the following information:

Warning! This site uses a commonly-shared 1024-bit Diffie-Hellman group, and might be in range of being broken by a nation-state. It might be a good idea to generate a unique, 2048-bit group for the site.

Does this mean that the site is potentially vulnerable?

Daniel
user1459144
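A server-side check for the 1024-bit case asked about above, added here as an example and not part of the original post: it reads a DH parameter file (PEM, PKCS#3 `DHParameter` layout) and grades the prime size against the 512, 1024 and 2048-bit figures the post quotes. The function names and verdict labels are assumptions made for this example, and the sample parameters are constructed (the sample `p` is not a real group).

```python
import base64

def _tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def parse_dh_params(pem):
    """Return (p, g) from a PEM 'DH PARAMETERS' block (PKCS#3 DHParameter)."""
    lines = [ln.strip() for ln in pem.strip().splitlines()]
    if lines[0] != "-----BEGIN DH PARAMETERS-----" or lines[-1] != "-----END DH PARAMETERS-----":
        raise ValueError("not a DH PARAMETERS block")
    tag, seq, _ = _tlv(base64.b64decode("".join(lines[1:-1])), 0)
    tag_p, p_raw, nxt = _tlv(seq, 0)       # first INTEGER: prime p
    tag_g, g_raw, _ = _tlv(seq, nxt)       # second INTEGER: generator g
    if (tag, tag_p, tag_g) != (0x30, 0x02, 0x02):
        raise ValueError("expected SEQUENCE { INTEGER p, INTEGER g }")
    return int.from_bytes(p_raw, "big"), int.from_bytes(g_raw, "big")

def dh_strength(pem):
    """Return (prime_bits, verdict); thresholds are the sizes named in the question."""
    bits = parse_dh_params(pem)[0].bit_length()
    if bits <= 512:
        return bits, "export-grade"        # the size the post describes as demonstrated breakable
    if bits < 2048:
        return bits, "below-2048"          # e.g. 1024: the case the quoted warning is about
    return bits, "ok-2048+"                # meets the quoted 2048-bit recommendation

def _der(tag, body):
    n = len(body)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def make_sample_pem(bits, g=2):
    p = (1 << (bits - 1)) | 1              # constructed odd number of that size, NOT a real DH prime
    ints = b"".join(_der(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big")) for v in (p, g))
    b64 = base64.b64encode(_der(0x30, ints)).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN DH PARAMETERS-----\n{body}\n-----END DH PARAMETERS-----\n"

if __name__ == "__main__":
    for size in (512, 1024, 2048):
        print(dh_strength(make_sample_pem(size)))
```

The check grades size only; whether the group is a commonly shared one, which the quoted warning also raises, cannot be read off the bit length.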
