severity 579429 important thanks I have the same issue with midori (or GtkLauncher from Webkit) and https://www.meego.com which only accepts recent ciphers.
Disabling recent cipers to fall back to less secure ones is really a bad idea. I've explained that on upstream bug https://bugzilla.gnome.org/show_bug.cgi?id=581342 but still no real news. Current situation is that we have: * old servers broken when using TLS * new servers broken when not using TLS Given the choice, I'd *much* better break the old (insecure) servers than the new ones. Besides security, by disabling TLS you lose the extensions, especially stuff like SNI which can be really useful when you do virtual hosting. Please revert the changes and enable the full TLS support. If the websites are broken, then we need to fix the websites, not break the client stack. Regards, -- Yves-Alexis
signature.asc
Description: This is a digitally signed message part
