On Sun, Mar 23, 2014 at 08:43:35AM -0700, gegard4321 wrote: > Another reason to enable DHE_RSA_AES_*_GCM: Mozilla's new account system only > supports RSA and DHE_RSA ciphers: > https://www.ssllabs.com/ssltest/analyze.html?d=accounts.firefox.com > Same goes for mozilla.org and bugzilla.
Firefox selects TLS_DHE_RSA_WITH_AES_128_CBC_SHA, while chrome selects TLS_DHE_RSA_WITH_AES_128_GCM_SHA256. And I would really prefer the GCM version over the CBC version. Please add support for TLS_DHE_RSA_WITH_AES_*_GCM_SHA*, which currently probably means TLS_DHE_RSA_WITH_AES_128_GCM_SHA256. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto