diff --git a/libretroshare/src/pqi/authssl.cc b/libretroshare/src/pqi/authssl.cc
index 623c061cb..495cb99a5 100644
--- a/libretroshare/src/pqi/authssl.cc
+++ b/libretroshare/src/pqi/authssl.cc
@@ -335,10 +335,9 @@ static int initLib = 0;
 // the connection will be refused. So we happend the HIGH cipher suite just after. In oder to force
 // PFS, at the risk of not always connecting, one should use:
 //
- // std::string cipherString = "kEDH:!ECDHE:!DSS:!aNULL:!3DES";
+ // std::string cipherString = "kEDH:HIGH:!DSS:!aNULL:!3DES";
 //
- // ECDHE has been removed from the list because of suspicions about the level of security in the
- // generation of the elliptic curves parameters. The following safe primes are 2048/4096 bits long. Should be enough.
+ // The following safe primes are 2048/4096 bits long. Should be enough.
 //
 // std::string dh_prime_2048_dec = "30651576830996935311378276950670996791883170963804289256203421500259588715033040934547350194073369837229137842804826417332761673984632102152477971341551955103053338169949165519208562998954887445690136488713010579430413255432398961330773637820158790237012997356731669148258317860643591694814197514454546928317578771868379525705082166818553884557266645700906836702542808787791878865135741211056957383668479369231868698451684633965462539374994559481908068730787128654626819903401038534403722014687647173327537458614224702967073490136394698912372792187651228785689025073104374674728645661275001416541267543884923191810923";
 //
@@ -346,7 +345,7 @@ static int initLib = 0;
 std::string dh_prime_4096_hex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std::string cipherString = "kEDH:HIGH:!ECDHE:!DSS:!aNULL:!3DES";
+ std::string cipherString = "kEDH:HIGH:!DSS:!aNULL:!3DES";
 SSL_CTX_set_cipher_list(sslctx, cipherString.c_str());
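Review bot: The commented example that follows "In oder to force PFS … one should use:" no longer forces PFS, because `kEDH:HIGH:!DSS:!aNULL:!3DES` contains `HIGH`, which also matches static-RSA key-exchange suites. It is now identical to the live `cipherString` set in the second hunk, so the comment describes no stricter alternative. I would either delete the example or make it a forward-secret-only list consistent with the new policy, e.g. `// std::string cipherString = "kEDH:kEECDH:!DSS:!aNULL:!3DES";`. The hunk also deletes the rationale for excluding ECDHE without recording why it is now accepted; a one-line comment stating that decision would keep the history readable from the source.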
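Review bot: Removing `!ECDHE` from the live `cipherString` only makes the ECDHE suites eligible. On OpenSSL older than 1.1.0 the accepting side still needs a curve configured (`SSL_CTX_set_ecdh_auto` on 1.0.2, `SSL_CTX_set_tmp_ecdh` before that), or those suites are never negotiated. No such call is visible here, and the rest of the context setup lies outside the hunk, so this should be confirmed there. Separately, the return value of `SSL_CTX_set_cipher_list` on the last line is ignored, although it returns 0 when the string selects no usable cipher; I would check it, `if (SSL_CTX_set_cipher_list(sslctx, cipherString.c_str()) != 1) { /* log and abort init */ }`. Part of this hunk's leading context is missing from the page, so the note covers only the visible lines.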