[exim-dev] [Bug 2872] New: Unable to select ONLY TLSv1.3 CH…

Góra strony
Delete this message
Reply to this message
Autor: admin
Data:  
Dla: exim-dev
Nowe tematy: [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher, [exim-dev] [Bug 2872] Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
Temat: [exim-dev] [Bug 2872] New: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
https://bugs.exim.org/show_bug.cgi?id=2872

            Bug ID: 2872
           Summary: Unable to select ONLY TLSv1.3 CHACHA20-POLY1305 cipher
           Product: Exim
           Version: 4.96
          Hardware: x86
                OS: Linux
            Status: NEW
          Severity: bug
          Priority: medium
         Component: TLS
          Assignee: jgh146exb@???
          Reporter: s.egbert@???
                CC: exim-dev@???


Unable to choose only CHACHA20-POLY1305 cipher using this exim4.conf setting:

    tls_require_ciphers = CHACHA20-POLY1305



This documentation (in
https://www.exim.org/exim-html-current/doc/html/spec_html/ch-encrypted_smtp_connections_using_tlsssl.html#SECTreqciphgnu
)states:

For TLS version 1.3 the control available is less fine-grained and Exim does
not provide access to it at present. The value of the tls_require_ciphers
option is ignored when TLS version 1.3 is negotiated.

As of writing the library default cipher suite list for TLSv1.3 is

    TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256




I searched for all TLS-related bugs and none describes this one.

--
You are receiving this mail because:
You are on the CC list for the bug.