Because the recent revelations about PRISM, it feels that everybody is revisiting their security infrastructure.
After testing during many hours the available ciphers in the Apache web server, I realized that it’s impossible to get Perfect Forward Secrecy with Red Hat and its derivatives. See bug #319901
I have decided to recompile openssl and apache for the servers I manage, I have uploaded the scripts I use to this repository: https://github.com/jorti/fedora-compile-with-ecc
[Read More]