[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: What to do about SSL strength
From: George Staikos <staikos () kde ! org>
Date: 2006-03-07 18:41:27
Message-ID: 200603071341.27534.staikos () kde ! org
[Download RAW message or body]
I'm really frustrated. All along, my goals with KSSL were to be secure, but
most importantly compatible. I finally broke down and threw away the
"compatibility preferences" list in 3.5.x as we had too many users
complaining that KSSL negotiated 'weak' ciphers. This where 'weak' ==
128bit. Well, now we're back to bug reports that KSSL can no-longer talk to
servers. It's definitely about broken servers, but there is nothing we can
do to have them fixed. The result is that people can't login to their bank
or favorite store because they're told that Konqi doesn't support strong SSL.
(Meanwhile, the cipher negotiated is 168bit or stronger.) My personal view
is that we go back to the preferences list and people can forget about
unsupported modern SSL ciphers for now. Any thoughts on this?
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic