What to do about SSL strength
George Staikos
staikos at kde.org
Thu Mar 9 10:07:22 GMT 2006
On Wednesday 08 March 2006 10:04, Henry Miller wrote:
> On Wednesday 08 March 2006 03:19, Thiago Macieira wrote:
> > George Staikos wrote:
> > >> - you made it so that we negotiate ciphers of 168 bits or stronger
> > >> - as a result, servers tell us we don't support strong encryption
> > >
> > > Yes.
> > >
> > >> Are those servers trying to use 128-bit as "strong"?
> > >
> > > Basically they have "if (bits(cipher) != 128) { error('weak crypto
> > >unsupported'); }"
>
> Nothing should be done until we check with Mozilla, Apple, and Opera.
I'm sitting in a room with developers of 2 of the three you list there at
the moment so I'll ask around.
> The right solution is for everyone to support 168 bit encryption.
That's not a solution. The solution is something which makes Konqueror
work with the sites that don't support newer ciphers properly. What you
propose is that the problem go away. :-)
> P.S. This would be a good thing to summarize and submit to
> www.thedailywtf.com, not only will everyone get a good laugh over it, but
> they have a bunch of readers, some of whom may have power to fix this, if
> they know to look for it.
Feel free.
--
George Staikos
KDE Developer http://www.kde.org/
Staikos Computing Services Inc. http://www.staikos.net/
More information about the kde-core-devel
mailing list