Am 10.11.2014 um 17:44 schrieb Dieter Klünter:
>
> You should pobably read GnuTLS Docs on this matter, and this blog for
> background information.
>
> https://sys4.de/de/blog/2013/09/09/perfect-forward-secrecy-eine-zusammenfassung
I have already read this blog, I know about the dh-params file. The
problem I am talking about was in OpenLDAP master until last year, then
it was fixed. But this fix has not found its way into the releases yet.
I just ask the question why and when we will be able to see it in the
releases.
The patch I am talking about:
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=commit;h=622d13a32ec8d623c26a11b60b63e443dc86df99
But even in 2.4.40 the bug is still present (with GnuTLS there are no DH
ciphers available).
Christopher
--
======================================================
Dipl.-Ing. Christopher Odenbach
Zentrum fuer Informations- und Medientechnologien
Universitaet Paderborn
Raum N5.311
odenbach@uni-paderborn.de
Tel.: +49 5251 60 5315
======================================================
Attachment:
signature.asc
Description: OpenPGP digital signature