Re: [exim] exim 4.43 and GnuTLS: How to control cipher negot…

Top Page

Reply to this message
Author: Marc Haber
Date:  
To: exim-users
Subject: Re: [exim] exim 4.43 and GnuTLS: How to control cipher negotiation?
On Tue, 7 Dec 2004 10:11:00 +0000 (GMT), Philip Hazel
<ph10@???> wrote:
>On Tue, 7 Dec 2004, Jan-Peter Koopmann wrote:
>> > RC4 is not even obsolescent, it's obsolete. the barn door has
>> > been open on that one for a long long time.
>>
>> Agreed. So if the two clients cannot negotiate on AES128 or 3DES you
>> would rather have them communicate without any encryption just because
>> RC4 has been cracked? If you choose to allow AES128/3DES only that is
>> your decision to make.
>
>Not quite. You can configure Exim to insist on encryption. In that case,
>if it couldn't negotiate AES128 or 3DES, it would not send the message
>at all.


Which is not an option on today's Internet. There are too many servers
out there that are not capable of encryption at all.

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber         |   " Questions are the         | Mailadresse im Header
Mannheim, Germany  |     Beginning of Wisdom "     | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834