Closed
Bug 586645
Opened 15 years ago
Closed 14 years ago
https://www.citylink.com.au uses a very weak (256-bit) Diffie-Hellman key for DHE_RSA SSL cipher suites.
Categories
(Tech Evangelism Graveyard :: English Other, defect)
Tech Evangelism Graveyard
English Other
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: wtc, Unassigned)
References
()
Details
https://www.citylink.com.au is an English site located in
Melbourne, Australia.
The server uses a very weak (256-bit) Diffie-Hellman key for
DHE_RSA SSL cipher suites. See bug 583337 comment 33 for the
original report of this problem.
To fix this server configuration problem, either
- use a 1024-bit Diffie-Hellman key for the DHE_RSA SSL cipher
suites, or
- disable all DHE SSL cipher suites.
The latter may be easier to do.
|
Reporter | |
Comment 1•15 years ago
|
||
I sent an email to assist@citylink.com.au and
webmaster@citylink.com.au about this bug.
webmaster@citylink.com.au bounced.
|
||
Comment 2•14 years ago
|
||
I connected to https://www.citylink.com.au several times today and never got the weak key error.
Should this bug be closed as WORKSFORME?
|
||
Updated•14 years ago
|
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → WORKSFORME
|
||
Comment 3•14 years ago
|
||
Shouldn't this be FIXED, then, since there was an obvious problem at one point and that problem has since disappeared? Something like this can't spontaneously resolve itself, and it was indeed a problem.
Resolution: WORKSFORME → FIXED
|
|
||
Comment 4•14 years ago
|
||
Chris, I don't care which resolution is used, but the guidelines say "Resolve a bug as FIXED if the bug has been fixed by a checkin into the Mozilla Mercurial code repository. Bugs which can no longer be reproduced should be marked WORKSFORME instead of FIXED if they can't be linked to a single checkin." -- https://developer.mozilla.org/en/What_to_do_and_what_not_to_do_in_Bugzilla
Resolution: FIXED → WORKSFORME
In tech evangelism, I think FIXED is used to mean "they fixed it because we told them about it" whereas WORKSFORME is for bugs that can no longer be reproduced but that were never in the ASSIGNED state. Perhaps this should have been assigned to wtc in comment 1. It doesn't really matter and it's unclear whether they fixed it as a result of that e-mail or not, so to save churn I'll leave it as it is now (WFM).
|
|
||
Comment 6•14 years ago
|
||
Daniel is correct. TE isn't like the rest of Bugzilla, because the whole point of TE is that Mozilla does not have control over the buggy code.
|
|
||
Comment 7•14 years ago
|
||
Although, for whatever it's worth, FIXED in TE generally means "the bug no longer exists" regardless of the site's motivation for changing their code/configuration. It doesn't really matter whether they did it as a result of TE efforts here or not; the bug is FIXED just the same ;)
Resolution: WORKSFORME → FIXED
|
||
Updated•10 years ago
|
Product: Tech Evangelism → Tech Evangelism Graveyard
You need to log in
before you can comment on or make changes to this bug.
Description
•