On Mon, Feb 26, 2018 at 10:37 AM, Nikos Mavrogiannopoulos <nmav@redhat.com> wrote:

I believe however that we should gather as many data as we can related
to this security update in Fedora28, and decide after F28 beta is
released on whether to back this change off, or to ignore this
breakage. Any data gathered is very useful in planning a future
strengthening. Any objections?

No objections from me. I wasn't able to get to one internal site, but it helped encourage our NOC to update the SSL settings on that particular internal site. That being said, it might be helpful to document how to upgrade a typical Apache configuration with SSL to support Diffie-Hellman with 1024-bit parameters.

--

Jared Smith