On Mon, Aug 09, 2010 at 10:27:20AM +0200, Mike Hommey wrote: > Long story short: the server is insecure (see the upstream bug below). > > A workaround for iceweasel is given here: > https://bugzilla.mozilla.org/show_bug.cgi?id=583337#c6 As I use chromium the workaround provided of setting ssl3.dhe to false isn't going to work. Probably modutils from NSS security tools but I didn't get much time for reading or playing with that.
So, I thought I'd try the suggestion as given in this bug report in particular: ------- I suggest that Mozilla ask portal-plumprod.cgc.enbridge.com to fix this server configuration problem. The simplest fix is probably to disable all DHE cipher suites. ------- I wrote to Citylink "contact us" myself and thought that as I'm a really valued customer it might be worth a shot to let then know to improve their very weak security. Although I'm already thinking it's going to be a very long shot.... -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
