Mozilla cryptographer Nelson Bolyard reported that the SSL implementation was permitting servers to use Diffie-Hellman Ephemeral mode (DHE) with too short of a minimum key length. DHE keys of such lengths are trivially breakable on modern hardware so SSL servers operating in this mode were providing very little effective security for their clients.