On 2014-08-06 10:14, Dave Cridland wrote: > Without an RSA cert at all, can a remote server with only RSA negotiate TLS?
Sure they can. But here the only non-ECDSA-ciphers offered are DHE ones, so for another server to support incoming connections from mqas.net they need to have DH parameters set up. At least prosody requires the operator to generate and configure those themselves, so there is no EDH out of the box, only ECDHE. So I would recommend that the operator of mqas.net enable some ECDHE ciphers if they want better interoperability. -- Kim "Zash" Alvefur
signature.asc
Description: OpenPGP digital signature
