Re: [exim] Enabling ECDH

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Klaus Ethgen
Datum:  
To: exim-users
Betreff: Re: [exim] Enabling ECDH
Hi,

No comment to ECDH itself, but:

Am Mo den 7. Mär 2016 um 9:50 schrieb Renaud Allard:
> openssl_options = +no_compression +cipher_server_preference +single_dh_use
> +single_ecdh_use +no_session_resumption_on_renegotiation


I do not know if you really want to use +no_compression. That would make
it easier for known plaintext attacks.

Regards
   Klaus
- -- 
Klaus Ethgen                              http://www.ethgen.ch/
pub  4096R/4E20AF1C 2011-05-16   Klaus Ethgen <Klaus@???>
Fingerprint: 85D4 CA42 952C 949B 1753  62B3 79D0 B06F 4E20 AF1C