[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-wget] [PATCH] PFS runtime check

From: Tim Ruehsen
Subject: Re: [Bug-wget] [PATCH] PFS runtime check
Date: Thu, 17 Oct 2013 09:43:30 +0200
User-agent: KMail/4.10.5 (Linux/3.10-3-amd64; KDE/4.10.5; x86_64; ; )

On Monday 09 September 2013 10:46:20 Giuseppe Scrivano wrote:
> Tim Ruehsen <address@hidden> writes:
> > I don't think, we need a change. Even if the priority string 'PFS' will be
> > backported to e.g. libgnutls 3.1.x, you still need a current Wget to use
> > PFS. And the current Wget falls back to 'NORMAL:-RSA' which is exactly
> > the same regarding the used ciphers (even the order is the same).
> > The only reason for using the 'PFS' priority string instead of
> > 'NORMAL:-RSA' is to enable future changes to PFS ciphers. This is a
> > forward compatibility, the backward compatibility is given right now.
> > 
> > Of course there could be a future diversion of 'PFS' and 'NORMAL:-RSA'
> > which is than backported to libgnutls < 3.2.4. But maybe we should talk
> > about this issue than, or the backporters creates a Wget patch for their
> > system !?
> > 
> > However, here is a patch for your suggestion.
> > Should Giuseppe decide about it.
> I am mostly following the discussion here, since you have all the
> technical details.
> I agree with your analysis that it shouldn't be a problem; but on the
> other hand, such a change will simply put us on the safe side and
> without any side effect.  So I personally have no objection to it :-)
> Thanks you both to keep thinking about this.

Hi Guiseppe,

please consider applying this patch...


reply via email to

[Prev in Thread] Current Thread [Next in Thread]