Re: [exim] PFS encryption

Top Page
This message is part of the following thread:
Mthe complete thread tree sorted by date
MGraeme Fowler at <-
MPhil Pennock at ->
Delete this message
Reply to this message
Author: Cyborg
Date:  
To: Exim-users
Subject: Re: [exim] PFS encryption
Am 30.07.2013 11:19, schrieb Graeme Fowler:
> On 30 Jul 2013, at 08:56, Cyborg <cyborg2@???> wrote:
>> as i just read about PFS, i was wondering how exim is handling the key exchange.
>>
>> the article suggested to use these ciphers in this order:
>>
>> TLS_ECDHE_RSA_WITH_RC4_128_SHA
>> TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
>> TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
>> TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
> Look for tls_require_ciphers in the docs.
>

But was is the DEFAULT ?

Is it the output of "openssl ciphers" ?

if so, i don't see any ellipticbased ciphers there, but at least they
use DHE, which indicates PFS is used, which is good.

Next question, out of curiosity :

are there any statistics about the usage of ciphers in exim mailservers ?

( google returns only the exim specs as result for "statistics about
exim cipher usage" )



Marius



This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] PFS encryptionRe: [exim] How to scan outgoing mails->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)