FWIW, I’ve run into at least one interoperability problem with switching to a 2048-bit prime. Older JDK has a 1024-bit limit and throws an exception upon seeing a 2048-bit prime from a server.
Good News! Your browser is safe against the Logjam attack.
Otter 0.9.05 beta 5
Web browser controlled by the user, not vice-versa.
Web backend: WebKit Backend 538.1.
SSL library version: LibreSSL 2.1
That’s the reason I think we should take a lesson from the OpenBSD folks about pro-active security and breaking backwards compatibility from time to time.
It’s also worth to note that my personal owncloud server & roundcube instance running on OpenBSD -current was also not affected - because it runs with the stock httpd from base which ships with a sane configuration and also uses LibreSSL.
Yes it sucks when software explodes after some of the changes made in the tree. On the other hand nothing is as satisfying as seeing that the fallback from the past made you less vulnerable to a flaw that everyone is running & screaming about.
FWIW, I’ve run into at least one interoperability problem with switching to a 2048-bit prime. Older JDK has a 1024-bit limit and throws an exception upon seeing a 2048-bit prime from a server.
That’s the reason I think we should take a lesson from the OpenBSD folks about pro-active security and breaking backwards compatibility from time to time.
It’s also worth to note that my personal owncloud server & roundcube instance running on OpenBSD -current was also not affected - because it runs with the stock httpd from base which ships with a sane configuration and also uses LibreSSL.
Yes it sucks when software explodes after some of the changes made in the tree. On the other hand nothing is as satisfying as seeing that the fallback from the past made you less vulnerable to a flaw that everyone is running & screaming about.