Bug#787505: libnss3: NSS 3.19.1 breaks icedove IMAPS to server with DH 786 temp key
Ben Caradoc-Davies
ben at transient.nz
Sun Jun 7 22:38:54 UTC 2015
My current workaround is to disable DHE forward security in icedove
about:config by setting security.ssl3.*.dhe* to false. (I also set
security.ssl3.rsa* to false except security.ssl3.rsa_aes_256_sha which
should be the strongest survivor.) With DHE disabled, I am able to
connect to the server over IMAPS with libnss3 3.19.1-2 as the weak DH
temp key is not used.
Kind regards,
--
Ben Caradoc-Davies <ben at transient.nz>
Director
Transient Software Limited <http://transient.nz/>
New Zealand
More information about the pkg-mozilla-maintainers
mailing list