Thanks for your assistance. Can I ask why you think this is merely a wishlist item?
If I've understood the import of this correctly, then the privacy of every visitor to every website served by Apache on every version(*) of Ubuntu is at risk. I don't think that forward-secrecy in SSL is an optional extra; I think it's a requirement. Also, in my view, server administrators who deploy https are making an implicit promise to their site's visitors - and this is a promise which they cannot honour. (*)even Saucy doesn't have 2.4 packages yet, though 2.4 is in Debian, Mageia, and Fedora. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1197884 Title: apache2.2 SSL has no forward-secrecy: need ECDHE keys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1197884/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
