(ridiculous formatting adjusted) On 2015-03-06, someone <thisistheone8...@gmail.com> wrote: > SUGGEST> THE> WORLD> TO> ONLY> USE> PERFECT> FORWARD> SECRECY> AND> > REMOVE> ALL> THE> WEAK> CIPHERS> IN> LIBRESSL> AND> OPENSSL! >
There is still not widespread support for PFS. Some of this is probably due to use of old software for whatever reason (slackness? not wanting to change something which has been tested?), some will be due to sites not wishing to increase CPU use (which PFS does). I just tried a handful of online banking sites in the qualys checker. Only *one* of the ones I tried (nice job triodos) supports PFS at all.
