Project

General

Profile

Actions

Feature #28611

closed

Security weakness : Forward Secrecy

Added by L'Orphelin Cyril over 6 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Service
Target version:
-
Start date:
02/22/2018
Due date:
% Done:

0%

Estimated time:

Description

Lavoisier server does not support Forward Secrecy with the reference browsers .

Forward secrecy (FS) also known as perfect forward secrecy (PFS), is a property of secure communication protocols in which compromises of long-term keys does not compromise past session keys. Forward secrecy protects past sessions against future compromises of private key. The very popular RSA key exchange doesn’t provide forward secrecy. You need to support and prefer ECDHE suites in order to enable forward secrecy with modern web browsers.

Actions

Also available in: Atom PDF