Perfect Forward Secrecy: Not So Perfect, Not So Forward
alan.braggins at gmail.com
Wed Dec 12 17:03:01 GMT 2012
On 11/12/12 20:59, Peter Fairbrother wrote:
> It's been a while since I checked, but I think Google do offer a DHE
> suite - but the client must ask for one, they are not used as default.
The default is now DHE.
"We are now pushing forward by enabling forward secrecy by default."
"Firstly, the preferred cipher suite for most Google HTTPS servers is
ECDHE-RSA-RC4-SHA. If you have a client that supports it, you'll be
using that ciphersuite."
More information about the ukcrypto