https://bugs.exim.org/show_bug.cgi?id=1656
--- Comment #3 from Phil Pennock <pdp@???> ---
Oh, "lowers security" statement: that was a little strong and belonged to an
earlier draft response. It's still true though.
When DH size parameters are unacceptable, TLS negotiation fails hard (without
some very new extensions). When TLS negotiation in SMTP fails, many clients
fall back to cleartext. Making TLS fail unless it's "good enough" but causing
clients to use plaintext counts as a lowering of security.
If an administrator wants to bound to 1024 to work with those clients, that's
their call to make.
--
You are receiving this mail because:
You are on the CC list for the bug.