My current workaround is to disable DHE forward security in icedove
about:config by setting security.ssl3.*.dhe* to false. (I also set
security.ssl3.rsa* to false except security.ssl3.rsa_aes_256_sha which
should be the strongest survivor.) With DHE disabled, I am able to
connect to the server over IMAPS with libnss3 3.19.1-2 as the weak DH
temp key is not used.
Kind regards,
--
Ben Caradoc-Davies <b...@transient.nz>
Director
Transient Software Limited <http://transient.nz/>
New Zealand
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
