Autor: Cyborg
Data:
Para: Exim-users
Assunto: [exim] PFS encryption
Hi all,
as i just read about PFS, i was wondering how exim is handling the key
exchange.
the article suggested to use these ciphers in this order:
TLS_ECDHE_RSA_WITH_RC4_128_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
as they implement the PFS Keyexchange, which prevents a sniffed
datastream from being decrypted in the future.
( for anyone wondering, thats because the session key never gets
directly transmitted )
So, whats exim prefering as cipher and how can that be controlled via
exim.conf , if it's configureable at all.
Marius