On 07/01/2013 05:50 PM, Ted Zlatanov wrote: > We understand it's insecure. Our users have told us some servers won't > work without it.
I'd be curious to know which servers fail like this. on those servers,
i'd say you'd be better off just not negotiating the any of the DHE
ciphersuites at all, rather than forcing the connection to a
trivially-crackable diffie-hellman exchange.
--dkg
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
