[jdev] manifesto 0.4
Alexander Holler
holler at ahsoftware.de
Thu Nov 7 00:56:15 UTC 2013
Am 06.11.2013 21:58, schrieb Alexander Holler:
> Am 06.11.2013 21:35, schrieb Thijs Alkemade:
>>
>> On 6 nov. 2013, at 21:23, Philipp Hancke <fippo at goodadvice.pages.de> wrote:
>>
>>> Am 06.11.2013 21:02, schrieb Alexander Holler:
>>>> Not exactly the same, but I don't like the part
>>>>
>>>> "or require cipher suites that enable forward secrecy"
>>>>
>>>> for the same reason. OpenSSL 1.x isn't around that long, and there are
>>>> still many systems which do use e.g. Debian squeeze. And I assume the
>>>> state of OpenSSL on other "stable" systems like e.g. SLES or RHEL isn't
>>>> much better (but that's just an assumption from me).
>>>
>>> DHE/EDH suites have been around at least since 2006 (openssl 0.9.8d is the oldest binary i have access to).
>>
>> http://www.openssl.org/news/changelog.html suggests since as early as 1999.
(...)
>
> But thanks for the hint, maybe I will now look why it isn't enabled. ;)
Already have fixed it, I've had forgotten the DH parameter file and
haven't had marked it as TODO (as I usually do to not forget such things
later on):
//dp->ssl_context_.use_tmp_dh_file("dh1024.pem");
;)
Thanks again.
Regards,
Alexander Holler
More information about the JDev
mailing list