http://bugzilla.opensuse.org/show_bug.cgi?id=902781
Matthew Ehle changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|WONTFIX |---
--- Comment #4 from Matthew Ehle ---
Hello,
I actually meant to get back to you on this.
I discovered that DHE ciphers are supported in the latest firmware update for
our load balancer. I will reopen this bug as it is now resolvable. As you are
aware, we need to do a lot of testing with new firmware before deploying in
production. I currently project this at two weeks.
Regarding RC4 ciphers, I don't remember them being the default. I checked the
configuration and they are not listed as the highest priority ciphers. I
double checked the SSL Labs results, and they confirm this. Perhaps you
misread the report? In any case, when we update the firmware, a few things
will happen:
- PFS will be support and DHE ciphers will be given the highest priority
- EC will also be supported, but I will probably only use them on
"experimental" domains at first
- RC4 will be put at the very bottom of the list for server priority (only IE8
should require this)
I will let you know when we are ready to upgrade in production.
--
You are receiving this mail because:
You are on the CC list for the bug.