Summary: | konqueror does not support DES-CBC3-SHA cypher | ||
---|---|---|---|
Product: | [Applications] konqueror | Reporter: | Pawel Orzechowski <orzechowskip> |
Component: | general | Assignee: | Konqueror Developers <konq-bugs> |
Status: | RESOLVED INTENTIONAL | ||
Severity: | normal | CC: | karaluh |
Priority: | NOR | ||
Version: | unspecified | ||
Target Milestone: | --- | ||
Platform: | Debian testing | ||
OS: | Linux | ||
Latest Commit: | Version Fixed In: |
Description
Pawel Orzechowski
2006-10-12 23:35:27 UTC
This cipher was problematic on other sites. I already answered this to someone today. A site that forces only this cipher is broken. G'day. I can see that this bug is marked as WONTFIX, but my hope is to convince you to change your mind. This particular limitation on Konqueror causes non-trivial problems here in Australia as several of our banks only offer the DES-CBC3-SHA cipher. With the recent release of KDE with this change they are no longer accessible. I don't dispute that the cipher in question has caused problems with other sites, but I would like to suggest a different resolution. The other web browsers I tested (Opera and Firefox, Linux and Windows, and IE6) all offer the cipher in their selection but, as far as I can see, a ways down the priority list. That means, by convention, that the remote server will prefer other ciphers to DES-CBC3-SHA where possible, but can still use that if they require it. That should, hopefully, address the compatibility problems with other sites without compromising the usability of Konqueror on the web. Finally, while I agree that sites forcing that one specific cipher is odd it isn't technically broken, as the SSL standards do permit that use -- even if it isn't necessarily a very clever choice on their part. Regards, Daniel I agree with above. As there is no chance that the banks would change ciphers, konqueror should somehow deal with it, as Firefox does. |