Re: [Bug-wget] [PATCH] PFS runtime check
From: Tim Ruehsen
Subject: Re: [Bug-wget] [PATCH] PFS runtime check
Date: Thu, 17 Oct 2013 09:43:30 +0200
User-agent: KMail/4.10.5 (Linux/3.10-3-amd64; KDE/4.10.5; x86_64; ; )

On Monday 09 September 2013 10:46:20 Giuseppe Scrivano wrote:
> Tim Ruehsen <address@hidden> writes:
> > I don't think we need a change. Even if the priority string 'PFS' will be
> > backported to e.g. libgnutls 3.1.x, you still need a current Wget to use
> > PFS. And the current Wget falls back to 'NORMAL:-RSA' which is exactly
> > the same regarding the used ciphers (even the order is the same).
> > The only reason for using the 'PFS' priority string instead of
> > 'NORMAL:-RSA' is to enable future changes to PFS ciphers. This is a
> > forward compatibility, the backward compatibility is given right now.
> >
> > Of course there could be a future diversion of 'PFS' and 'NORMAL:-RSA'
> > which is then backported to libgnutls < 3.2.4. But maybe we should talk
> > about this issue then, or the backporters create a Wget patch for their
> > system !?
> >
> > However, here is a patch for your suggestion.
> > Should Giuseppe decide about it.
>
> I am mostly following the discussion here, since you have all the
> technical details.
>
> I agree with your analysis that it shouldn't be a problem; but on the
> other hand, such a change will simply put us on the safe side and
> without any side effect. So I personally have no objection to it :-)
>
> Thanks to you both for continuing to think about this.

Hi Giuseppe,
please consider applying this patch...
Tim