Am 06.11.2013 21:58, schrieb Alexander Holler:
Am 06.11.2013 21:35, schrieb Thijs Alkemade:
On 6 nov. 2013, at 21:23, Philipp Hancke <[email protected]> wrote:
Am 06.11.2013 21:02, schrieb Alexander Holler:
Not exactly the same, but I don't like the part
"or require cipher suites that enable forward secrecy"
for the same reason. OpenSSL 1.x isn't around that long, and there are
still many systems which do use e.g. Debian squeeze. And I assume the
state of OpenSSL on other "stable" systems like e.g. SLES or RHEL isn't
much better (but that's just an assumption from me).
DHE/EDH suites have been around at least since 2006 (openssl 0.9.8d is the
oldest binary i have access to).
http://www.openssl.org/news/changelog.html suggests since as early as 1999.
(...)
But thanks for the hint, maybe I will now look why it isn't enabled. ;)
Already have fixed it, I've had forgotten the DH parameter file and
haven't had marked it as TODO (as I usually do to not forget such things
later on):
//dp->ssl_context_.use_tmp_dh_file("dh1024.pem");
;)
Thanks again.
Regards,
Alexander Holler
_______________________________________________
JDev mailing list
Info: http://mail.jabber.org/mailman/listinfo/jdev
Unsubscribe: [email protected]
_______________________________________________
