Re: [exim] [exim-dev] Exim 4.80 RC7 uploaded

Author: Phil Pennock
Date:  
To: Wolfgang Breyha
CC: exim-users
Subject: Re: [exim] [exim-dev] Exim 4.80 RC7 uploaded
On 2012-05-30 at 12:34 +0200, Wolfgang Breyha wrote:
> RC7 runs smoothly so far. Only "new" stuff in my logs I found is:
> 2012-05-30 12:07:56 1SZfop-0005Dd-Kw TLS error on connection to
> service13.mimecast.com [91.220.42.7] (gnutls_handshake): The Diffie-Hellman
> prime sent by the server is not acceptable (not long enough).
>
> Connecting to this host with gnutls-cli offers a VeriSign Cert and


Above that:
*** Starting TLS handshake
- Ephemeral Diffie-Hellman parameters
- Using prime: 768 bits
- Secret key: 767 bits
- Peer's public key: 768 bits

I set 1024, which has been the size issued by Exim for a very long time,
and is very short when considered in light of:
http://www.keylength.com/en/3/

So 768 is *lower* than:
Very short-term protection against small organizations
Should not be used for confidentiality in new systems
and so falls into the criteria of:
Attacks in "real-time" by individuals
Only acceptable for authentication tag size

Thus the size chosen by that site is into the "fooling yourself" level
of security. If you have contacts with them, you might want to let them
know that they've got a security misconfiguration.

To unbreak for this release, I will lower the hard-coded minimum from
1024 to 512. Eww. For 4.81, I will switch this limit to be a
configure-time option, defaulting to 1000 and lowerable to 512. Those
who want more security can raise the limit. I'll make it an expanded
transport option, so it can be configured per connection and folks
exchanging data with cooperative systems can raise the minimum.

-Phil
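
An added example, not part of the original message and not Exim code: a Python sketch that counts these DH-prime rejections per peer in an Exim main log, and checks the prime size reported by gnutls-cli against the three minimums named above. The function names, dictionary labels and sample entries are assumptions made for this example.

```python
import re
from collections import Counter

# Minimum DH prime sizes named in the post (keys are labels chosen here).
MINIMUMS = {"rc7_hardcoded": 1024, "4.80_release": 512, "4.81_default": 1000}

# The GnuTLS handshake failure as Exim logs it, on one line.
WEAK_DH = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} (?:\S+ )?"
    r"TLS error on connection to (?P<host>\S+) \[(?P<ip>[^\]]+)\] "
    r"\(gnutls_handshake\): The Diffie-Hellman prime sent by the server "
    r"is not acceptable"
)

def weak_dh_peers(log_lines):
    """Count DH-prime rejections per (host, ip) in Exim main log lines."""
    peers = Counter()
    for line in log_lines:
        m = WEAK_DH.match(line)
        if m:
            peers[(m["host"], m["ip"])] += 1
    return peers

def prime_bits(gnutls_cli_output):
    """Extract the server's DH prime size from gnutls-cli output, or None."""
    m = re.search(r"Using prime: (\d+) bits", gnutls_cli_output)
    return int(m.group(1)) if m else None

def verdicts(bits):
    """Map each minimum to True if a prime of `bits` bits would be accepted.
    Assumption: the client rejects only primes shorter than its minimum."""
    return {name: bits >= minimum for name, minimum in MINIMUMS.items()}

# Constructed sample input: the log entry quoted in the post joined onto one
# line, a repeat of it, and an invented delivery line for mx.example.net.
SAMPLE_LOG = [
    "2012-05-30 12:07:56 1SZfop-0005Dd-Kw TLS error on connection to "
    "service13.mimecast.com [91.220.42.7] (gnutls_handshake): The "
    "Diffie-Hellman prime sent by the server is not acceptable (not long enough).",
    "2012-05-30 12:09:01 1SZfpr-0005Ee-Ab => user@example.net R=dnslookup "
    "T=remote_smtp H=mx.example.net [192.0.2.25]",
    "2012-05-30 12:11:40 1SZfsQ-0005Fx-Qz TLS error on connection to "
    "service13.mimecast.com [91.220.42.7] (gnutls_handshake): The "
    "Diffie-Hellman prime sent by the server is not acceptable (not long enough).",
]
SAMPLE_CLI = "- Ephemeral Diffie-Hellman parameters\n - Using prime: 768 bits\n"

if __name__ == "__main__":
    for (host, ip), n in weak_dh_peers(SAMPLE_LOG).most_common():
        print(f"{host} [{ip}]: {n} rejected handshakes")
    print(verdicts(prime_bits(SAMPLE_CLI)))
```

For the 768-bit prime shown above, only the 512 floor accepts the peer; it would still be rejected at the planned 4.81 default of 1000 unless the option is lowered for that destination.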