GNU bug report logs - #31946
27.0.50; The NSM should warn about more TLS problems

Previous Next

Package: emacs;

Reported by: Lars Ingebrigtsen <larsi <at> gnus.org>

Date: Sat, 23 Jun 2018 10:39:02 UTC

Severity: normal

Tags: fixed, security

Found in version 27.0.50

Fixed in version 27.1

Done: Lars Ingebrigtsen <larsi <at> gnus.org>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Jimmy Yuen Ho Wong <wyuenho <at> gmail.com>
To: Lars Ingebrigtsen <larsi <at> gnus.org>
Cc: Eli Zaretskii <eliz <at> gnu.org>, 31946 <at> debbugs.gnu.org, Noam Postavsky <npostavs <at> gmail.com>
Subject: bug#31946: 27.0.50; The NSM should warn about more TLS problems
Date: Thu, 28 Jun 2018 17:42:00 +0100

> I can't see that that web page mentions Diffie-Hellman at all?
>

Click on the individual browsers.

> And Firefox in Debian Stable certainly supports Diffie-Hellman.
>

Firefox on Debian is Firefox 52 ESR, it's 9 versions behind current.
Firefox 60 ESR is in the experimental section.

SSLLabs only reports that Firefox 59 / Win 7 has dropped support for
DHE_RSA in the UA capabilities page[1], but client test[2] still shows
it is supported, so does Chrome and Safari. I don't understand what's
going on there. Could that list in in client test be static? Or that
browsers still advertise their support for DHE_RSA when in fact they
don't? Might have to get on a server and log out the TLS handshake to
see what's actually going on...

[1]: https://www.ssllabs.com/ssltest/clients.html
[2]: https://www.ssllabs.com/ssltest/viewMyClient.html
This bug report was last modified 5 years and 328 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.