Autor: Richard Welty Data: A: Exim \(E-mail\) Assumpte: Re: [Exim] ciphers for SMTP over TLS in exim?
On Sun, 7 Oct 2001 05:19:41 -0500, "Karl Schmidt" <karl@???>
wrote:
>The openssl-0.9.6-9 supports the following ciphers.
>
>EDH-RSA-DES-CBC3-SHA
>EDH-DSS-DES-CBC3-SHA >DES-CBC3-MD5
...many ciphers omitted....
as i indicated to philip in private email, i've determined that i was
confused, and i have determined the source of the confusion.
the cipher(1) man page that is distributed with openssl has a lot of
information on the subject. among the things contained therein is a
table of mappings between the cipher names specified in the RFCs and
the ones used in openssl -- they're not the same. having once worked
for the manufactuer of an IPSec appliance, i am familiar with the RFC
names and not the openssl ones. i'm used to seeing 3DES to represent
triple DES, and in the openssl terminology, the 3 is transposed
elsewhere in the name, thus DES-CBC3-SHA is actually triple DES.
so i was getting 3DES all along, but because the log entries are
written out with the openssl naming convention, i didn't see the 3 in
front of DES, and assumed that single DES was in use.