Red Hat Bugzilla – Bug 756781
RFE: Upgrade to 1.0.1 and support forward secrecy via ECDHE
Last modified: 2011-11-24 10:16:24 EST
Google has started forward secrecy via ECDHE for https, see:
This requires an updated openssl supporting ECDHE:
Upgrade to openssl 1.0.1 in order to support this.
We will upgrade to openssl-1.0.1 as soon as it is released. However we will not support ECDHE due to possible patent concerns anyway.
Forward secrecy is possible also with the DHE algorithms however they probably will not be supported by high access sites due to the increased load of the DHE.