Re: [exim] Advertising TLS

Top Page
Delete this message
Reply to this message
Author: Merlin Hartley
Date:  
To: Jeremy Harris
CC: exim-users
Subject: Re: [exim] Advertising TLS
I think they mean Enigmail-style client email encryption rather than e-mail server encryption.

M


--
Merlin Hartley
IT Systems Engineer
MRC Mitochondrial Biology Unit
Wellcome Trust/MRC Building
Cambridge Biomedical Campus
Cambridge
CB2 0XY
UK

> On 3 Nov 2015, at 16:19, Jeremy Harris <jgh@???> wrote:
>
> On 03/11/15 16:05, Ian Eiloart wrote:
>>
>>> On 3 Nov 2015, at 14:52, Jon Gerdes <gerdesj@???> wrote:
>>>
>>> Generating a self signed certificate at install time could be fraught
>>> with problems: what if there is an insecure OpenSSL/LibreSSL/whatever
>>> library installed and used?
>>
>> Rather than use a self-signed certificate, why not use LetsEncrypt.org to get a free domain bound certificate with widespread trust anchors? 
>>     https://letsencrypt.org/getinvolved/

>
>
> https://community.letsencrypt.org/t/frequently-asked-questions-faq/26
>
>> Can I use certificates from Let’s Encrypt for code signing or email
>> encryption?
>>
>> No. Email encryption and code signing require a different type of
>> certificate than Let’s Encrypt will be issuing.
>
> Not especially encouraging.
> --
> Jeremy
>
>
> --
> ## List details at https://lists.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://wiki.exim.org/