[exim-dev] [Bug 674] exim can't verify sha256WithRSAEncrypti…

Author: Tony Finch
Date:  
To: exim-dev
Old-Topics: [exim-dev] [Bug 674] New: exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL
Subject: [exim-dev] [Bug 674] exim can't verify sha256WithRSAEncryption signature in X.509 certificates when linked against OpenSSL

http://bugs.exim.org/show_bug.cgi?id=674




--- Comment #6 from Tony Finch <dot@???> 2008-08-13 12:13:38 ---
On Wed, 13 Aug 2008, Phil Pennock wrote:
>
> I guess the real question is whether or not it's bad to load all digests
> (and/or ciphers) when the Exim option tls_require_ciphers is set and whether or
> not we need a new tls_require_digests option (or if the ciphers option digest
> field stuff is sufficient for cert verification).


That sounds plausible.

> If tls_require_ciphers is a saving throw, then what probably needs to happen is
> that the tls_require_ciphers option should have a reasonable default set,
> instead of being unset by default, and then we add a call to
> OpenSSL_add_all_algorithms().


No, it's not Exim's job to know that kind of detail about TLS.

> Does anyone here have any expertise in this? If not, there are some people I
> can ask for help elsewhere.


That would be helpful.

Tony.

