[ https://issues.apache.org/jira/browse/TS-2417?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14192207#comment-14192207 ]
Susan Hinrichs commented on TS-2417: ------------------------------------ Looks good to me. It does always load DH group parameters for each context (either hard-coded value or value from the DHParams file). And marks the context to pick a new DH pair for each use. There is no opt-out. Not clear that is necessary. There is no opt-out for enabling ECDH either. If you really cared, I would guess that you could adjust the cipher list to avoid the ciphers that use DH. > Add forward secrecy support with DHE (SSL related) > -------------------------------------------------- > > Key: TS-2417 > URL: https://issues.apache.org/jira/browse/TS-2417 > Project: Traffic Server > Issue Type: Improvement > Components: HTTP, SSL > Reporter: Bryan Call > Assignee: John Eaglesham > Fix For: sometime > > Attachments: ats_dhe-2.patch > > > mod_ssl bug and changes: > https://issues.apache.org/bugzilla/show_bug.cgi?id=49559 > Discussion on httpd-dev list: > http://mail-archives.apache.org/mod_mbox/httpd-dev/201309.mbox/%3c52358ed1.2070...@velox.ch%3E -- This message was sent by Atlassian JIRA (v6.3.4#6332)