X.509 certificates for https://gnupg.org
Werner Koch
wk at gnupg.org
Tue Dec 17 16:37:27 CET 2013
On Mon, 16 Dec 2013 21:35, dkg at fifthhorseman.net said:
> Werner, if i can help with configuring or maintaining the web server for
> gnupg.org to address some of these issues, please let me know.
Yes, I have problems to figure out a woking cipher list which also
allows for IE. What DHE cipher suite may I use with IE given that I
have only an RSA certificate. Or should I simply give up on PFS for IE
users? The active ciphers are right now:
ECDHE-RSA-AES128-SHA SSLv3 Kx=ECDH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
Shalom-Salam,
Werner
p.s.
Attached is I my SSLNoCompression patch for Debian's pound in case
someone is interested.
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pound_no_compression.patch
Type: text/x-diff
Size: 3627 bytes
Desc: not available
URL: </pipermail/attachments/20131217/74e427be/attachment.patch>
More information about the Gnupg-users
mailing list