[exim-dev] [Bug 2822] Issues with DHE ciphers - problems wit…

Top Page

Reply to this message
Author: admin
Date:  
To: exim-dev
Subject: [exim-dev] [Bug 2822] Issues with DHE ciphers - problems with GnuTLS implementation?
https://bugs.exim.org/show_bug.cgi?id=2822

--- Comment #3 from Ferry <freaky@???> ---
a) GnuTLS 3.6.16 & Exim 4.92.2 in our case - but the link to the bug filed at
sslscan by someone else indicates issues with exim in debian (he filed here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968145 - no response).
b) Exim seems to fail offering any DHE cipher suites whatsoever on the TLS
layer.

The 1st wall lists the results gnutls shows on the priority string.

The 2nd wall is sslscan running against gnutls-serv with the given priority
string detecting gnutls-serv actually offering what's output in the first.

The 3rd shows exim doesn't.

The 4th shows that on 2000+ connections in the logs nothing is actually using a
DHE cipher suite either. Which makes a bug on the sslscan unlikely - esp. since
it works as expected against gnutls-serv with the same string.

Then there is some reasoning why this is important for us at least.

Hope that clarifies it a bit.

--
You are receiving this mail because:
You are on the CC list for the bug.