Forum

As explained at
http://googleonlinesecurity.blogspot.com/2011/11/protecting-data-for-long-term-with.html

Hiawatha uses PolarSSL. I'm no SSL expert, so the best thing you can do is to contact the PolarSSL author (Paul Bakker) and ask him this question. I'll notify him about this topic. Perhaps he'll answer this question here.

@Paul: has DH something to do with forward secrecy?

All DHE end ECDHE ciphersuites have perfect forward secrecy. Not just ECDHE. The negotiated key is not recoverable if later in time the RSA or ECC key is broken.

PolarSSL has 'always' supported the DHE_RSA ciphersuites and in the 1.3 line ECDHE-based ones will be added.

So yes.. DHE has a lot to do with forward secrecy. And it is supported

Paul,
I used the SSL test tool at www.ssllabs.com to check 'forward secrecy' support for hiawatha-webserver and nginx (under Handshake Simulation section).
With hiawatha, only Chrome and Firefox seems to be able to use 'forward secrecy'. Whereas with nginx Chrome, Firefox, IE9, IE10, Safari iOS and Safari 5.0.1.
Wondering is it due to the lack of ECDHE based ciphersuites?

Thanks for the quick response.

Cannot think why..

DHE is as 'forward secure' as ECDHE..

Can it be that in the default settings Hiawatha is putting RC4 as preferred for < TLS 1.0 clients and that those clients do not support TLS 1.1 or higher?

According to the article at http://news.netcraft.com/archives/2013/06/25/ssl-intercepted-today-decrypted-tomorrow.html, there seems to browsers cipher support issues.