"The risks they pose range from denial-of-service attacks, changing the fingerprint certificate, client authorization without verification message for a DH (Diffie-Hellman) certificate, client accepting the use of a temporary RSA or a handshake that leads to removing the forward secrecy from the ciphersuite." -- source: http://news.softpedia.com/news/Eight-Security-Vulnerabilities-Patched-By-Ope... Cheers, Peter -- Peter Reutemann, Dept. of Computer Science, University of Waikato, NZ http://www.cms.waikato.ac.nz/~fracpete/ Ph. +64 (7) 858-5174