------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=674
--- Comment #13 from Phil Pennock <exim-dev@???> 2008-08-15 12:56:34 ---
You're not likely to have long to wait. RFC 5246 is now out, specifying TLS
1.2.
----------------------------8< cut here >8------------------------------
1.2. Major Differences from TLS 1.1
This document is a revision of the TLS 1.1 [TLS1.1] protocol which
contains improved flexibility, particularly for negotiation of
cryptographic algorithms. The major changes are:
- The MD5/SHA-1 combination in the pseudorandom function (PRF) has
been replaced with cipher-suite-specified PRFs. All cipher suites
in this document use P_SHA256.
[...]
----------------------------8< cut here >8------------------------------
I've just checked with someone heavily involved in the OpenSSL project and it's
likely that sha256 will be loaded by default soon.
Which then just leaves the patch I offered as a way for people to tune knobs
without being dependent upon the Exim developers.
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
