On Tue, 7 Dec 2004 10:11:00 +0000 (GMT), Philip Hazel
<ph10@???> wrote:
>On Tue, 7 Dec 2004, Jan-Peter Koopmann wrote:
>> > RC4 is not even obsolescent, it's obsolete. the barn door has
>> > been open on that one for a long long time.
>>
>> Agreed. So if the two clients cannot negotiate on AES128 or 3DES you
>> would rather have them communicate without any encryption just because
>> RC4 has been cracked? If you choose to allow AES128/3DES only that is
>> your decision to make.
>
>Not quite. You can configure Exim to insist on encryption. In that case,
>if it couldn't negotiate AES128 or 3DES, it would not send the message
>at all.
Which is not an option on today's Internet. There are too many servers
out there that are not capable of encryption at all.
Greetings
Marc
--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Mannheim, Germany | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834
