Thanks for your assistance. Can I ask why you think this is merely a wishlist item?
If I've understood the import of this correctly, then the privacy of every visitor to every website served by Apache on every version(*) of Ubuntu is at risk. I don't think that forward-secrecy in SSL is an optional extra; I think it's a requirement. Also, in my view, server administrators who deploy https are making an implicit promise to their site's visitors - and this is a promise which they cannot honour. (*)even Saucy doesn't have 2.4 packages yet, though 2.4 is in Debian, Mageia, and Fedora. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/1197884 Title: apache2.2 SSL has no forward-secrecy: need ECDHE keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1197884/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs