On Thu, 2 Dec 2004, Marc Haber wrote:
> Result: The cipher being actually used is determined by the sending
> side by choosing the first cipher listed in the transport that is
> actually supported by the server.
I will elaborate on this in the manual. At present it hints at it with
just a single sentence: "In a client, the order of the list specifies a
preference order for the algorithms."
> There is no problem with the Exim code besides the somewhat suboptimal
> default.
Does it make sense to change the default order? What would you suggest?
The relevant code shows the current order:

  static int default_cipher_priority[16] = {
    GNUTLS_CIPHER_ARCFOUR_128,
    GNUTLS_CIPHER_AES_128_CBC,
    GNUTLS_CIPHER_3DES_CBC,
    GNUTLS_CIPHER_ARCFOUR_40,
    0 };

--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book: http://www.uit.co.uk/exim-book
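
The selection rule described in the thread, as an added example that is not part of the original message and is not Exim or GnuTLS code: the client's list order decides the result even when the server supports every cipher. The enum values, the `select_cipher` helper, the reordered list and the sample server lists are assumptions constructed for illustration.

```c
#include <stdio.h>

/* Constructed stand-ins for the GnuTLS ids named in the message; the real
   values come from <gnutls/gnutls.h>. 0 terminates a list, as in the array. */
enum { C_END = 0, C_ARCFOUR_128, C_AES_128_CBC, C_3DES_CBC, C_ARCFOUR_40 };

static const char *cipher_name[] = {
    "(no common cipher)", "ARCFOUR_128", "AES_128_CBC", "3DES_CBC", "ARCFOUR_40"
};

/* Client order exactly as listed in the message. */
static const int order_in_message[] = {
    C_ARCFOUR_128, C_AES_128_CBC, C_3DES_CBC, C_ARCFOUR_40, C_END
};

/* Hypothetical reordering (an assumption, not a project decision):
   block ciphers ahead of both ARCFOUR entries. */
static const int order_reordered[] = {
    C_AES_128_CBC, C_3DES_CBC, C_ARCFOUR_128, C_ARCFOUR_40, C_END
};

/* Return 1 if cipher c appears in the zero-terminated list. */
static int in_list(const int *list, int c)
{
    for (; *list != C_END; list++)
        if (*list == c) return 1;
    return 0;
}

/* Selection rule described in the thread: the first cipher in the client's
   list that the server also supports. C_END means there is no overlap. */
int select_cipher(const int *client_order, const int *server_supported)
{
    for (; *client_order != C_END; client_order++)
        if (in_list(server_supported, *client_order)) return *client_order;
    return C_END;
}

int main(void)
{
    /* Constructed server: supports all four ciphers and lists AES first. */
    static const int server[] = {
        C_AES_128_CBC, C_3DES_CBC, C_ARCFOUR_128, C_ARCFOUR_40, C_END
    };
    printf("order in message: %s\n", cipher_name[select_cipher(order_in_message, server)]);
    printf("reordered:        %s\n", cipher_name[select_cipher(order_reordered, server)]);
    return 0;
}
```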