What to do about SSL strength

Nicolas Goutte nicolasg at snafu.de
Wed Mar 8 17:20:24 GMT 2006

On Wednesday 08 March 2006 15:57, Thiago Macieira wrote:
> Nicolas Goutte wrote:
> >Could it be done optionally site-by-site like for Java or for
> > JavaScript?
> >
> >So basically it would mean that KDE does not use 128 bit or less SSL but
> > that a user can tell KDE: "this site is too stupid but I really need
> > it, so use 128 bits SSL for this site".
> We're talking about libkio (kio/kssl) here, not Konqueror or even
> kio_http.
> This is actually like the "broken DNS server" list: we have to work around
> bugs in other people's sites in very low level stuff in our libraries.
> And like the "broken DNS server" list, this should be something we ship,
> not something users configure. They'll always think it's Konqueror at
> fault, not the website they're trying to use and will never look for a
> solution in the configuration.

That is unfortunate that the difference cannot be made.

Broken DNS servers are broken for every DNS lookup and indeed that is a 
low-level problem (especially as it can hit many KIO slaves: ftp, http, fish, 
sftp, smtp, imap, pop3...)

A failed SSL link is however visible only at higher levels, mainly if KHTML is 

Have a nice day!

More information about the kde-core-devel mailing list