besides the commuity site missig forward secrecy, there seem to be some issues with the community registration form:
- An email address containing a "+" in the local part will be preset with a whitespace character substituting the "+" within the registration form field.
- When there was a validation error (for example, a whitespace character in the email address), the captcha image seems to be cached by the browser while the actual captcha content has been refreshed.
- The password strength indicator thingy is displayed for the password verification field as well (not an actual "issue").
You may want to fix the above issues and activate forward secrecy for the community site: