[exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >…

Pàgina inicial
Delete this message
Reply to this message
Autor: Todd Lyons
Data:  
A: exim-dev
Assumpte: [exim-dev] [Bug 1397] enable ECDH key exchange for OpenSSL >=1.0.0
------- You are receiving this mail because: -------
You are on the CC list for the bug.

http://bugs.exim.org/show_bug.cgi?id=1397




--- Comment #5 from Todd Lyons <tlyons@???> 2013-10-15 14:34:34 ---
> Frankly, the more I look at this, the more inclined I am to say that 4.82
> should go out without explicit support for enabling ECDHE, so that we can
> better understand the issues. A quick and simple fix, as uninvasive as
> possible, is one thing, but this now looks like that's just inadequate.
> Jeremy, Todd, please do *not* merge the `enable_ecdhe` branch for 4.82. With
> our luck, it would turn out to break clients that barf when ECDHE suddenly
> becomes available anyway.


Agreed. I think the best course of action is to wrap up 4.82 at the
end of this week. Then I would like to target a small baking period
for features and roll a 4.83, say 2-3 months. Between you and
Wolfgang, you both have provided us with some new things that are
going to enhance crypto features.

I'd also like to take a shot at the DANE support that Viktor
mentioned. So a 4.83 with major security enhancements would be
additional positive press.


--
Configure bugmail: http://bugs.exim.org/userprefs.cgi?tab=email