On Tuesday, May 26, 2015 5:12 PM Remi Gacogne wrote:

> On 05/23/2015 08:47 AM, Willy Tarreau wrote:
> > Do you have any idea about the ratio of clients (on the net) which don't
> > support ECDHE right now but support DHE ?
> 
> Basically, by totally removing DHE, we would be losing forward secrecy for:
> - Java <= 6 ;
> - OpenSSL <= 1.0.0 ;
> - Android <= 3.
> 
> Note that moving to a DH size of 2048-bit is an issue if you have Java 6
> clients anyway (Java 7 does not support DHE > 1024-bit either, but does
> support ECDHE).

What about other clients (ie. browsers running on different OS combinations) - 
especially legacy systems?

Will IE7 on Windows XP have problems if I change to a 2048 or even a 4096 DH 
group?

What about other combinations of client/OS?

We've only offer TLS (no SSLv3) and use Mozillas Intermediate compatibility 
ciphersuite, but I need to keep backwards compatibility with a lot of legacy 
clients that I have no control over.

If changing to a higher DH group breaks connectivity with even just a few 
ordinary browser/OS combinations I am afraid that I have no choice to stick 
with the current vunerable group..

Regards,
Jens Dueholm Christensen
Survey IT

Reply via email to