On 10/23/2013 10:57 PM, Viktor Dukhovni wrote: [snip]
The problem turns out to be that RedHat's patch did not prune the
list of curves advertised by the TLS client! They're going to
update the code to only advertise secp{256,384}r1, which will make
connections to gmx.de work again (but without EECDH).
Apologies if this is too OT but did Paul mention why they are ripping out curves?
Regards, Patrick
