Re: ECDH

2017-08-31 Thread Patrick Dohman
I got this working last night. It appears the certificate was being created incorrectly that certificate authority is unwanted & that the SSL client extension is needed.
Regards Patrick
> On Aug 30, 2017, at 4:36 PM, Patrick Dohman wrote:
>
>> Because they copied M$IE. This is no longe

Re: ECDH

2017-08-30 Thread Patrick Dohman
> Because they copied M$IE. This is no longer the case with the latest version of FF.
I read this afternoon that conversion of the certificate type from PEM format to the likes of PKCS#12 allows Firefox to cope with a client server certificate exchange. However this config will likely brea

Re: ECDH

2017-08-30 Thread Rupert Gallagher
> The above is jumbled because your mail client is BROKEN and top-posts, even when replying to your own posts. If it isn't worth your effort to fix that, it might not be worth the effort of those who might reply to actually respond.
My e-mail client is just fine. It is the mailing-list soft

Re: ECDH

2017-08-29 Thread Philip Guenther
Sent from ProtonMail Mobile > > On Tue, Aug 29, 2017 at 3:23 PM, Rupert Gallagher wrote: > >>> Clean up the EC key/curve configuration handling. We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable autom

Re: ECDH

2017-08-29 Thread Rupert Gallagher
On Tue, Aug 29, 2017 at 9:36 PM, Patrick Dohman wrote:
> I’ve read that SHA1 can be brute forced however why Mozilla Firefox forces a ECDH is misunderstood if attempting to negotiate for example RSA
Because they copied M$IE. This is no longer the case with the latest version of FF.

Re: ECDH

2017-08-29 Thread Rupert Gallagher
On Tue, Aug 29, 2017 at 9:36 PM, Patrick Dohman wrote:
> I’ve read that SHA1 can be brute forced however why Mozilla Firefox forces a ECDH is misunderstood if attempting to negotiate for example RSA In my experience sea monkey can authenticate correctly against an apple

Re: ECDH

2017-08-29 Thread Patrick Dohman
I’ve read that SHA1 can be brute forced however why Mozilla Firefox forces a ECDH is misunderstood if attempting to negotiate for example RSA In my experience sea monkey can authenticate correctly against an apple key-chain however Firefox returns cipher suite errors
Regards Patrick
> On

Re: ECDH

2017-08-29 Thread Rupert Gallagher
t hashing an appropriate algorithm is > becoming non standardized in the event that the certificate is not a trusted > root. Regards Patrick > On Aug 29, 2017, at 8:23 AM, Rupert Gallagher wrote: > > >> Clean up the EC key/curve configuration handling. We no longer support > ECD

Re: ECDH

2017-08-29 Thread Patrick Dohman
ng. We no longer support ECDH >> and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As >> such, permanently enable automatic EC curve selection and generation, >> effectively disabling all of the configuration knobs. > > https://www.tedunangst.c

Re: ECDH

2017-08-29 Thread Rupert Gallagher
Gallagher wrote:
>> Clean up the EC key/curve configuration handling. We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectiv

ECDH

2017-08-29 Thread Rupert Gallagher
> Clean up the EC key/curve configuration handling. We no longer support ECDH and ECDHE can be disabled by removing ECDHE ciphers from the cipher list. As such, permanently enable automatic EC curve selection and generation, effectively disabling all of the configuration k