https://bugs.exim.org/show_bug.cgi?id=2872
Bug ID: 2872
Summary: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
Product: Exim
Version: 4.96
Hardware: x86
OS: Linux
Status: NEW
Severity: bug
Priority: medium
Component: TLS
Assignee: jgh146exb@???
Reporter: s.egbert@???
CC: exim-dev@???
Unable to choose only CHACHA20-POLY1305 cipher using this exim4.conf setting:
tls_require_ciphers = CHACHA20-POLY1305
This documentation (in
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphgnu
)states:
For TLS version 1.3 the control available is less fine-grained and Exim does
not provide access to it at present. The value of the tls_require_ciphers
option is ignored when TLS version 1.3 is negotiated.
As of writing the library default cipher suite list for TLSv1.3 is
TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256
I searched for all TLS-related bugs and none describes this one.
--
You are receiving this mail because:
You are on the CC list for the bug.
