+1 on the backport. I'm a co-founder of a non-profit. Our websites have to default to SSL to protect the privacy of our clients. Since this is a production webserver, we can only use Ubuntu 12.04 LTS as that's what our IaaS vendor offers us for Ubuntu/Debian distros. The lack of forward-secrecy is a risk exposure to us and would like see it addressed.
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1197884 Title: apache2.2 SSL has no forward-secrecy: need ECDHE keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1197884/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs