Hi,

There has been a lot of discussion on this list about the risks of using legacy TLS protocol versions. But what about supporting new TLS features, such as hybrid post-quantum key exchange?

System-wide configuration of TLS groups (e.g., via openssl.cnf) is already possible, and that may be sufficient in many cases. However, as Viktor Dukhovni pointed out in [email protected], there are interoperability issues with some MX hosts when hybrid TLS groups are used.

This makes it highly desirable to have per-transport TLS group control in Exim — specifically in the remote_smtp transport.

For outgoing mail, this would allow selecting different sets of elliptic curves and post-quantum or hybrid TLS groups depending on the destination. In practice, this would involve using the SSL_set1_groups_list() function, which supports both classic curves (e.g., X25519, secp256r1) and newer hybrid/post-quantum groups (e.g., X25519MLKEM768, mlkem768, etc.).

For incoming mail, it may also be useful to support such groups. In this case, OpenSSL requires the use of SSL_CTX_set1_groups_list() (rather than SSL_CTX_set1_groups()) to specify TLS groups that do not have a numeric identifier (NID).

--
Best wishes
Viktor Ustiuhov
mailto:[email protected]
