Re: [exim] exim 4.43 and GnuTLS: How to control cipher negot…

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Marc Haber
CC: exim-users
New-Topics: [exim] looking for a tutorial or howto
Subject: Re: [exim] exim 4.43 and GnuTLS: How to control cipher negotiation?
On Tue, 30 Nov 2004, Marc Haber wrote:

> When using gnutls-cli, a better cipher is negotiated. Who contributed
> the GnuTLS Interface?


Nikos Mavroyanopoulos provided GnuTLS proof of concept code; I had to 
tidy it up a bit to fit it more into the Exim "culture". I think I also 
had to make some changes when GnuTLS reached release 1. But I always 
feel I am flying blind when working on it.       


> >tls_require_ciphers = AES : 3DES
> >
> >? That is, tried preventing it from using ARCFOUR at all?
>
> Not yet. That configuration option would disable encryption completely
> with a communications partner that is only capable of doing ARCFOUR,
> which is a bad thing.


Yes, I realize that; I didn't mean you to use that for real, but just to
test whether tls_require_ciphers was working at all.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book