Re: [Exim] exim wishlist TLS, SPF

Página Inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
Para: Mark Foster
CC: exim-users
Assunto: Re: [Exim] exim wishlist TLS, SPF
On Wed, 14 Jan 2004, Mark Foster wrote:

> So given the existing of CRL/OSCP, the trust model in exim seems to fall
> short, since it doesn't (appear to) check for certificate revocation.


Exim does not have a trust model. It relies on OpenSSL or GnuTLS to
handle all the cryptographic stuff, and I would dearly like to keep it
that way. Without reading the documentation, I don't know if either of
those libraries has a "check for revocation" facility. If they do, then
I assume it would be fairly easy to change Exim so that it invokes it,
assuming some invocation is necessary (i.e. the library doesn't do it
automatically). I am not keen on building the code into Exim itself.

> Please add to the wishlist... I could try and come up with some
> code/patches if you would consider it.


I will wishlist a research item to try to find out what the libraries
offer, unless somebody tells me beforehand.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book