Forward Secrecy on the horizon

28 July 2013, 03:57
Take a look at the new google policy of forward secrecy.

Maybe a good discussion for the folks at PolarSSL and Hiawatha.

I do not think there is a rush for this, but something to consider for 2014

Hugo Leisink
28 July 2013, 08:00
PolarSSL already supports PFS.
28 July 2013, 15:42
how do we configure hiawatha to take advantage of this?

Or more to the point, what do I have to do with my SSL certificates and hiawatha.conf to enable it and utilize it?
Hugo Leisink
28 July 2013, 20:35
Nothing. Hiawatha already prefers the strong ciphers. Whether they are used or not depends on what the client supports. Which cipher will be used is determined during the SSL handshake.
This topic has been closed.