On Wed, 30 Apr 2014 10:25, go...@fsfe.org said: > the SSLLabs test shows two small issues when testing gnupg.org [2], one > of which is the too short time sent in the HSTS header.
Ooops, copy and paste error: I missed the last 0 of max-age=31536000. Also fixed in the Boa source code examples. The missing forward secrecy is mainly an issue with IE which gives non-FS algorithm suites a higher preference; but for older IEs a non-FS algorithm is required. We don't have any user data at this site so the missing forward secrecy for anyway bugged Microsoft browsers should not be an issue. Salam-Shalom, Werner p.s I understand why Microsoft makes it hard to use FS - that abbreviation is also used for free software ;-) -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users