--nextPart1199707.4vBccxob0B
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

George Staikos wrote:
>  I'm really frustrated.  All along, my goals with KSSL were to be
> secure, but most importantly compatible.  I finally broke down and
> threw away the "compatibility preferences" list in 3.5.x as we had too
> many users complaining that KSSL negotiated 'weak' ciphers.  This where
> 'weak' =3D=3D 128bit.  Well, now we're back to bug reports that KSSL can
> no-longer talk to servers.  It's definitely about broken servers, but
> there is nothing we can do to have them fixed.  The result is that
> people can't login to their bank or favorite store because they're told
> that Konqi doesn't support strong SSL. (Meanwhile, the cipher
> negotiated is 168bit or stronger.)  My personal view is that we go back
> to the preferences list and people can forget about unsupported modern
> SSL ciphers for now.  Any thoughts on this?

Let me understand this correctly:

=2D you made it so that we negotiate ciphers of 168 bits or stronger
=2D as a result, servers tell us we don't support strong encryption

Are those servers trying to use 128-bit as "strong"? Or is that just a=20
negotiation problem?
=2D-=20
  Thiago Macieira  -  thiago (AT) macieira.info - thiago (AT) kde.org
    PGP/GPG: 0x6EF45358; fingerprint:
    E067 918B B660 DBD1 105C  966C 33F5 F005 6EF4 5358

2. T=F3 cennan his weorc gearu, ymbe se circolwyrde, wear=F0 se c=E6gbord a=
nd se=20
leohtspeccabord, and =FEa m=FDs c=F3mon lator. On =FEone d=E6g, he hine res=
te.

--nextPart1199707.4vBccxob0B
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.1 (GNU/Linux)

iD8DBQBEDdfCM/XwBW70U1gRAvqcAKCkPjpnbeiIgyqLsp10DIAfFAgJSQCcDd0T
TPUEKk5ZEMe2EuLqZmBak1E=
=u3QO
-----END PGP SIGNATURE-----

--nextPart1199707.4vBccxob0B--