It seems like the warning would be emitted in cases when DH exchange is
disabled. ECDH is supported by nearly all new browsers and devices (that we
care about anyway), and so we have DH disabled and only ECDH enabled when PFS
can be used -- specifically to avoid the large DH overhead especially for
mobile devices.

With the patch, it sounds like we would need to include a setting for
"default-dh-param" even though it would never actually be used (or include
a dh-param in our cert) to avoid a warning.

Is it possible to only generate the dh-param and warnings if a cipher that
needs it is enabled?


-Bryan
